CWE-40 is a common weakness enumeration in software security. This database tracks 2 CVE vulnerabilities classified under this weakness type.

How many CVEs are classified as CWE-40?

There are 2 CVE vulnerabilities classified as CWE-40 with an average CVSS score of 4.85.

What is the severity distribution for CWE-40?

CWE-40 contains 0 critical, 0 high, 2 medium, and 0 low severity vulnerabilities.

CWE-40

Total CVEs

Vulnerabilities

Avg CVSS v3

4.9

Medium

Latest CVE

2025

Most Recent

Severity Distribution

Critical 0

High 0

Medium 2

100%

Low 0

External References

MITRE CWE

Official CWE definition

NIST NVD

Search CVEs by CWE

All CVEs (2)

Page 1 of 1

CVE-2025-32103

MEDIUM

CVSS:5.0(Medium)

CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows directory traversal via the /WebInterface/function/ URI to read files accessible by SMB at UNC share pathnames, bypassing SecurityMa...

CWE-402025

CVE-2023-29446

MEDIUM

CVSS:4.7(Medium)

An improper input validation vulnerability has been discovered that could allow an adversary to inject a UNC path via a malicious project file. This allows an adversary to capture NLTMv2 hashes and po...

CWE-402023