CWE-696: Incorrect Behavior Order
The product performs multiple related behaviors, but the behaviors are performed in the wrong order in ways that may produce resultant weaknesses.
Last updated
Overview
CWE-696 (Incorrect Behavior Order) is a class-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Real-world CVEs
33 recorded CVEs are caused by CWE-696 (Incorrect Behavior Order). The highest-severity and most recent are shown first. 16 new CWE-696 CVEs have been recorded so far in 2026 (8 in 2025).
- CVE-2026-40583
UltraDAG: SmartOp Vote Path Triggers Fatal Supply Invariant Halt
High · CVSS 8.8 · EPSS 30th2026-04-21 - CVE-2026-45033
GitHub Copilot CLI: Nested Bare Repository Can Execute Arbitrary Commands via core.fsmonitor
High · CVSS 8.5 · EPSS 27th2026-05-13 - CVE-2026-35386High · CVSS 8.1 · EPSS 16th2026-04-02