MITRE has released version 4.0 of the community-developed Common Weakness Enumeration (CWE) list. Previous CWE list versions describe common software security weaknesses. With version 4.0, the CWE list expands to include hardware security weaknesses. Additionally, version 4.0 simplifies the presentation of weaknesses into various views and adds a search function to enable easier navigation of the information.
The Cybersecurity and Infrastructure Security Agency (CISA) sponsors MITRE’s CWE program, which is a community-based initiative. CISA welcomes new partners to the CWE program. Visit https://cwe.mitre.org to learn how to get involved.