Home/CWE/Logging of Excessive Data
Weakness

Logging of Excessive Data

CWE-779 · Base · Draft

The product logs too much information, making log files hard to process and possibly hindering recovery efforts or forensic analysis after an attack.

Extended description

While logging is a good practice in general, and very high levels of logging are appropriate for debugging stages of development, too much logging in a production environment might hinder a system administrator's ability to detect anomalous conditions. This can provide cover for an attacker while attempting to penetrate a system, clutter the audit trail for forensic analysis, or make it more difficult to debug problems in a production environment.

Weakness Relationships

Where this weakness sits in the CWE hierarchy. Walk up to broader classes or down to more specific variants.
Parent of this (broader)
ChildOfCWE-400 · Uncontrolled Resource Consumption

CVEs With This Weakness

20
A sample of the 20 CVEs tagged with this weakness.
CVECVE-2026-28718
CVECVE-2026-20210
CVECVE-2026-20209
CVECVE-2025-8696
CVECVE-2025-69230
CVECVE-2025-53636
CVECVE-2025-51397
CVECVE-2024-55628
CVECVE-2024-36416
CVECVE-2024-36072
CVECVE-2024-1141
CVECVE-2023-23949
External lookups - second-class, for what we don’t hold ourselves
MITRE CWE
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin