CWE-686: Function Call With Incorrect Argument Type

The product calls a function, procedure, or routine, but the caller specifies an argument that is the wrong data type, which may lead to resultant weaknesses.

Recorded CVEs

With this primary weakness

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Variant

Abstraction

MITRE classification

Overview

This weakness is most likely to occur in loosely typed languages, or in strongly typed languages in which the types of variable arguments cannot be enforced at compilation time, or where there is implicit casting.

CWE-686: Function Call With Incorrect Argument Type

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to detect it

Other

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-686?

What CVEs are caused by CWE-686?

How is CWE-686 detected?

What are the consequences of CWE-686?

Is CWE-686 actively exploited?

References

Stay ahead of CWE-686

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to detect it

Other

Related weaknesses

Parent

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-686?

What CVEs are caused by CWE-686?

How is CWE-686 detected?

What are the consequences of CWE-686?

Is CWE-686 actively exploited?

References

Stay ahead of CWE-686