CWE-386: Symbolic Name not Mapping to Correct Object

A constant symbolic reference to an object is used, even though the reference can resolve to a different object over time.

Recorded CVEs

With this primary weakness

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Base

Abstraction

MITRE classification

Overview

CWE-386 (Symbolic Name not Mapping to Correct Object) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.

CWE-386: Symbolic Name not Mapping to Correct Object

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-386?

What CVEs are caused by CWE-386?

What are the consequences of CWE-386?

Is CWE-386 actively exploited?

References

Stay ahead of CWE-386

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Related weaknesses

Parent

Peer

Related

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-386?

What CVEs are caused by CWE-386?

What are the consequences of CWE-386?

Is CWE-386 actively exploited?

References

Stay ahead of CWE-386