CWE-358: Improperly Implemented Security Check for Standard
The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.
Last updated
Overview
CWE-358 (Improperly Implemented Security Check for Standard) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Real-world CVEs
99 recorded CVEs are caused by CWE-358 (Improperly Implemented Security Check for Standard), including 1 in CISA's KEV (Known Exploited Vulnerabilities) catalog. KEVs are shown first. 23 new CWE-358 CVEs have been recorded so far in 2026 (19 in 2025).