Log inLog in

Variant weakness

Draft

CWE-316: Cleartext Storage of Sensitive Information in Memory

The product stores sensitive information in cleartext in memory.

Last updated May 1, 2026

35

Recorded CVEs

With this primary weakness

0

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Variant

Abstraction

MITRE classification

Overview

The sensitive memory might be saved to disk, stored in a core dump, or remain uncleared if the product crashes, or if the programmer does not properly clear the memory before freeing it. It could be argued that such problems are usually only exploitable by those with administrator privileges. However, swapping could cause the memory to be written to disk and leave it accessible to physical attack afterwards. Core dump files might have insecure permissions or be stored in archive files that are accessible to untrusted people. Or, uncleared sensitive memory might be inadvertently exposed to attackers due to another weakness.

Real-world CVEs

35 recorded CVEs are caused by CWE-316 (Cleartext Storage of Sensitive Information in Memory). The highest-severity and most recent are shown first. 2 new CWE-316 CVEs have been recorded so far in 2026 (12 in 2025).

CVE-2024-36792

High · CVSS 8.2

2024-06-07

CVE-2022-0835

AVEVA System Platform Cleartext Storage of Sensitive Information in Memory

High · CVSS 8.1

2022-04-11

CVE-2025-9970

Application credential stored in clear text in memory

Showing 12 of 35 recorded CWE-316 CVEs. Track new ones as they are published and get AI-written analysis and fixes.

Monitor CWE-316 vulnerabilities

Common consequences

What can happen when CWE-316 is exploited.

Read Memory

Affects: Confidentiality

How it happens

When it is introduced

Typically introduced during these phases of the software lifecycle.

Architecture and Design

Illustrative examples

Real CVEs that MITRE cites as examples of this weakness.

CVE-2025-24870 — GUI for a desktop client stores credentials in program memory, allowing privilege escalation
CVE-2001-1517 — Sensitive authentication information in cleartext in memory.
CVE-2001-0984 — Password protector leaves passwords in memory when window is minimized, even when "clear password when minimized" is set.
CVE-2003-0291 — SSH client does not clear credentials from memory.

Terminology & mappings

Mapped taxonomies

PLOVER: Plaintext Storage in Memory
Software Fault Patterns: Exposed Data (SFP23)

Frequently asked questions

Common questions about CWE-316.

What is CWE-316?

The product stores sensitive information in cleartext in memory.

What CVEs are caused by CWE-316?

35 recorded CVEs are attributed to CWE-316, including CVE-2025-52579, CVE-2025-50109, CVE-2024-36792.

What are the consequences of CWE-316?

Exploiting CWE-316 can lead to: Read Memory.

Is CWE-316 actively exploited?

35 recorded CVEs are caused by CWE-316; none are currently in CISA's KEV catalog of actively exploited flaws.

References

Weakness data is sourced from the MITRE CWE catalog (v4.20). CVE associations are aggregated and kept current by RadicalNotion.AI.

Stay ahead of CWE-316

Get alerted the moment a new CWE-316 vulnerability affects your stack, with AI-written analysis, severity context, and remediation guidance.

Start free See pricing

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Illustrative examples

Related weaknesses

Parent

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-316?

What CVEs are caused by CWE-316?

What are the consequences of CWE-316?

Is CWE-316 actively exploited?

References

Stay ahead of CWE-316