The product logs too much information, making log files hard to process and possibly hindering recovery efforts or forensic analysis after an attack.

What CVEs are caused by CWE-779?

18 recorded CVEs are attributed to CWE-779, including CVE-2024-36072, CVE-2024-36416, CVE-2023-23949.

How do you prevent CWE-779?

Suppress large numbers of duplicate log messages and replace them with periodic summaries. For example, syslog may include an entry that states "last message repeated X times" when recording repeated events.

How is CWE-779 detected?

Automated Static Analysis: Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)

What are the consequences of CWE-779?

Exploiting CWE-779 can lead to: DoS: Resource Consumption (CPU), DoS: Resource Consumption (Other), Hide Activities.

Is CWE-779 actively exploited?

18 recorded CVEs are caused by CWE-779; none are currently in CISA's KEV catalog of actively exploited flaws.

CWE-779: Logging of Excessive Data

Real-world CVEs

18 recorded CVEs are caused by CWE-779 (Logging of Excessive Data). The highest-severity and most recent are shown first. 4 new CWE-779 CVEs have been recorded so far in 2026 (2 in 2025).

CVE-2024-36072
Critical · CVSS 9.8 · EPSS 91th
2024-06-27
CVE-2024-36416
High · CVSS 8.6 · EPSS 98th
2024-06-10
CVE-2023-23949
High · CVSS 8.1 · EPSS 73th
2023-01-24
CVE-2025-8696
DoS attack against the Stork UI from an unauthenticated user
High · CVSS 7.5 · EPSS 46th
2025-09-10
CVE-2022-31004
High · CVSS 7.5 · EPSS 35th
2022-05-25
CVE-2024-1141
Glance-store: glance store access key logged in debug log level
Medium · CVSS 5.5 · EPSS 11th
2024-02-01
CVE-2022-22291
Medium · CVSS 5.5 · EPSS 13th
2022-02-11
CVE-2026-20210
Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability
Medium · CVSS 5.4 · EPSS 10th
2026-05-14
CVE-2026-20209
Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability
Medium · CVSS 5.4 · EPSS 10th
2026-05-14
CVE-2025-51397
Medium · CVSS 5.4 · EPSS 75th
2025-07-21
CVE-2026-28718
Medium · CVSS 5.3 · EPSS 34th
2026-03-05
CVE-2022-25779
Medium · CVSS 4.3 · EPSS 57th
2022-05-04

Showing 12 of 18 recorded CWE-779 CVEs. Track new ones as they are published and get AI-written analysis and fixes.

Monitor CWE-779 vulnerabilities

CWE-779: Logging of Excessive Data

Real-world CVEs

CWE-779: Logging of Excessive Data

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to prevent it

How to detect it

Automated Static Analysis

Illustrative examples

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-779?

What CVEs are caused by CWE-779?

How do you prevent CWE-779?

How is CWE-779 detected?

What are the consequences of CWE-779?

Is CWE-779 actively exploited?

References

Stay ahead of CWE-779

Real-world CVEs

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to prevent it

How to detect it

Automated Static Analysis

Illustrative examples

Related weaknesses

Parent

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-779?

What CVEs are caused by CWE-779?

How do you prevent CWE-779?

How is CWE-779 detected?

What are the consequences of CWE-779?

Is CWE-779 actively exploited?

References

Stay ahead of CWE-779