threat
engine
.sh
Back
·
··:··
Home
/
CWE
/
Improper Handling of Exceptional Conditions
Weakness
Improper Handling of Exceptional Conditions
CWE-755 · Class · Incomplete
The product does not handle or incorrectly handles an exceptional condition.
△
Weakness Relationships
Where this weakness sits in the CWE hierarchy. Walk up to broader classes or down to more specific variants.
Parent of this (broader)
ChildOf
CWE-703 · Improper Check or Handling of Exceptional Conditions
Children (more specific)
ParentOf
CWE-209 · Generation of Error Message Containing Sensitive Information
ParentOf
CWE-248 · Uncaught Exception
ParentOf
CWE-274 · Improper Handling of Insufficient Privileges
ParentOf
CWE-280 · Improper Handling of Insufficient Permissions or Privileges
ParentOf
CWE-333 · Improper Handling of Insufficient Entropy in TRNG
ParentOf
CWE-390 · Detection of Error Condition Without Action
ParentOf
CWE-392 · Missing Report of Error Condition
ParentOf
CWE-395 · Use of NullPointerException Catch to Detect NULL Pointer Dereference
ParentOf
CWE-396 · Declaration of Catch for Generic Exception
ParentOf
CWE-460 · Improper Cleanup on Thrown Exception
ParentOf
CWE-544 · Missing Standardized Error Handling Mechanism
ParentOf
CWE-636 · Not Failing Securely ('Failing Open')
ParentOf
CWE-756 · Missing Custom Error Page
⚠
CVEs With This Weakness
664
A sample of the 664 CVEs tagged with this weakness.
CVE
CVE-2026-8162
CVE
CVE-2026-42545
CVE
CVE-2026-40074
CVE
CVE-2026-34065
CVE
CVE-2026-30798
CVE
CVE-2026-28542
CVE
CVE-2026-27809
CVE
CVE-2026-27586
CVE
CVE-2026-27195
CVE
CVE-2026-25957
CVE
CVE-2026-23762
CVE
CVE-2026-23666
◉
Nuclei Scanner Templates
2
Open-source Nuclei templates that detect this weakness class - an actionable scan-for-it pivot. Licensed under the ProjectDiscovery / Nuclei terms.
critical
OpenSMTPD 6.4.0-6.6.1 - Remote Code Execution
high
Zoho ManageEngine - getUserAPIKey Authentication Bypass
External lookups - second-class, for what we don’t hold ourselves
MITRE CWE
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin