CWE-357: Insufficient UI Warning of Dangerous Operations
The user interface provides a warning to a user regarding dangerous or sensitive operations, but the warning is not noticeable enough to warrant attention.
Overview
CWE-357 (Insufficient UI Warning of Dangerous Operations) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Real-world CVEs
17 recorded CVEs are caused by CWE-357 (Insufficient UI Warning of Dangerous Operations). The highest-severity and most recent are shown first. 2 new CWE-357 CVEs have been recorded so far in 2026 (5 in 2025).
- CVE-2025-49585
  XWiki does not require right warnings for XClass definitions
  High · CVSS 8.6 · EPSS 27th · 2025-06-13
- CVE-2025-49582
  XWiki's required right warnings for macros are incomplete
  High · CVSS 8.6 · EPSS 48th · 2025-06-13
- CVE-2025-33054
  Remote Desktop Spoofing Vulnerability
  High · CVSS 8.1 · EPSS 53rd · 2025-07-08