CWE•Variant•Draft•7 recent CVEs

CWE-313Cleartext Storage in a File or on Disk

Description

The product stores sensitive information in cleartext in a file, or on disk.

The sensitive information could be read by attackers with access to the file, or with physical or administrator access to the raw disk. Even if the information is encoded in a way that is not human-readable, certain techniques could determine which encoding is being used, then decode the information.

Common consequences

Confidentiality→Read Application Data

Recent CVEs classified under this CWE

CVE-2025-43976.82026-05-07 CVE-2026-65984.32026-04-20 CVE-2026-55315.32026-04-05 CVE-2025-148362.72025-12-17 CVE-2025-67482.12025-06-27 CVE-2023-356995.32023-07-10 CVE-2018-106226.82018-08-10

Description

Common consequences

Related CWEs

Recent CVEs classified under this CWE