Certain conditions, such as network failure, will cause a server error message to be displayed.
Error messages are not dangerous in themselves; it is what an attacker can glean from them that might eventually cause problems.
4 recorded CVEs are caused by CWE-550 (Server-generated Error Message Containing Sensitive Information). The highest-severity and most recent are shown first. 1 new CWE-550 CVE has been recorded so far in 2026 (1 in 2025).
Squid vulnerable to information disclosure via authentication credential leakage in error handling
Multiple vulnerabilities found in IBM ApplinX.
What can happen when CWE-550 is exploited.
Read Application Data
Affects: Confidentiality
Typically introduced during these phases of the software lifecycle.
Practical mitigations for CWE-550, grouped by where in the lifecycle they apply.
Recommendations include designing and adding consistent error handling mechanisms which are capable of handling any user input to your web application, providing meaningful detail to end-users, and preventing error messages that might provide information useful to an attacker from being displayed.
Common questions about CWE-550.
4 recorded CVEs are attributed to CWE-550, including CVE-2025-62168, CVE-2023-40726, CVE-2025-36419.
Exploiting CWE-550 can lead to: Read Application Data.
4 recorded CVEs are caused by CWE-550; none are currently in CISA's KEV catalog of actively exploited flaws.
Weakness data is sourced from the MITRE CWE catalog (v4.20). CVE associations are aggregated and kept current by RadicalNotion.AI.