The product misinterprets an input, whether from an attacker or another product, in a security-relevant fashion.
View on MITRENo mitigation information available for this CWE.
No detection method information available for this CWE.
Product sees dangerous file extension in free text of a group discussion, disconnects all users.
View DetailsProduct does not correctly import and process security settings from another product.
View DetailsNo relationship information available for this CWE.
CWE-115: Misinterpretation of Input is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The product misinterprets an input, whether from an attacker or another product, in a security-relevant fashion.
If exploited, CWE-115 (Misinterpretation of Input) it can compromise Integrity, leading to outcomes such as Unexpected State.
CWE-115 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.
MITRE documents real CVEs mapped to CWE-115, including CVE-2005-2225 and CVE-2001-0003. You can look up the full details of each CVE, including CVSS scores and remediation guidance, on our CVE Lookup tool.
A CWE (Common Weakness Enumeration) like CWE-115 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.