CWE-386: Symbolic Name not Mapping to Correct Object
A constant symbolic reference to an object is used, even though the reference can resolve to a different object over time.
Last updated
Overview
CWE-386 (Symbolic Name not Mapping to Correct Object) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Real-world CVEs
2 recorded CVEs are caused by CWE-386 (Symbolic Name not Mapping to Correct Object). The highest-severity and most recent are shown first. 1 new CWE-386 CVE has been recorded so far in 2026.
Common consequences
What can happen when CWE-386 is exploited.
Gain Privileges or Assume Identity
Affects: Access Control
The attacker can gain access to otherwise unauthorized resources.
Modify Application Data, Modify Files or Directories, Read Application Data, Read Files or Directories, Other
Affects: Integrity, Confidentiality, Other
Race conditions such as this kind may be employed to gain read or write access to resources not normally readable or writable by the user in question.
Modify Application Data, Other
Affects: Integrity, Other
The resource in question, or other resources (through the corrupted one) may be changed in undesirable ways by a malicious user.
Hide Activities
Affects: Non-Repudiation
If a file or other resource is written in this method, as opposed to a valid way, logging of the activity may not occur.
Modify Files or Directories
Affects: Non-Repudiation, Integrity
In some cases it may be possible to delete files that a malicious user might not otherwise have access to -- such as log files.
How it happens
When it is introduced
Typically introduced during these phases of the software lifecycle.
Terminology & mappings
Mapped taxonomies
- CLASP: Symbolic name not mapping to correct object
Frequently asked questions
Common questions about CWE-386.
- What is CWE-386?
- A constant symbolic reference to an object is used, even though the reference can resolve to a different object over time.
- What CVEs are caused by CWE-386?
- 2 recorded CVEs are attributed to CWE-386, including CVE-2026-53081, CVE-2024-3852.
- What are the consequences of CWE-386?
- Exploiting CWE-386 can lead to: Gain Privileges or Assume Identity, Modify Application Data, Modify Files or Directories, Read Application Data, Read Files or Directories, Other.
- Is CWE-386 actively exploited?
- 2 recorded CVEs are caused by CWE-386; none are currently in CISA's KEV catalog of actively exploited flaws.
References
- MITRE CWE definition (CWE-386) (opens in a new tab)
- CWE-386 vulnerabilities on NVD (opens in a new tab)
- Learn: What is a CWE?
Weakness data is sourced from the MITRE CWE catalog (v4.20). CVE associations are aggregated and kept current by RadicalNotion.AI.
Stay ahead of CWE-386
Get alerted the moment a new CWE-386 vulnerability affects your stack, with AI-written analysis, severity context, and remediation guidance.