CWE-1068 4 CVEs MITRE definition ↗

CWE-1068: Inconsistency Between Implementation and Documented Design

Overview

CWE-1068 (Inconsistency Between Implementation and Documented Design) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.

Security impact
Security impact: Depends on product and context; use CVE records, severity scores, and MITRE guidance to prioritize.

Description

The implementation of the product is not consistent with the design as described within the relevant documentation.

Applicable platforms

Kind Name Class Prevalence OS / CPE
technology Not Technology-Specific Undetermined
technology ICS/OT Undetermined

Related CVEs in this database

These CVEs are mapped to this weakness in this database and kept for traceability and search.

CVE Published Summary
CVE-2026-8149 2026-05-08 A vulnerability in Legion of the Bouncy Castle Inc. BC-LTS on Linux, X86_64, AVX, AVX-512f. This vulnerability is associated with program files gcm128w, gcm512w. This issue affects BC-LTS: from 2…
CVE-2025-48905 2025-06-06 Wasm exception capture vulnerability in the arkweb v8 module Impact: Successful exploitation of this vulnerability may cause the failure to capture specific Wasm exception types.
CVE-2024-43798 2024-08-26 Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH. The Chisel server doesn't ever read the documented `AUTH` environment variable used to set credentials, which allows any unauth…
CVE-2024-3845 2024-04-17 Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass mixed content policy via a crafted HTML page. (Chromium security severity: Low)

Content submission

Name
CWE Content Team
Organization
MITRE
Date
2018-07-02
Version
3.2
Comment
Entry derived from Common Quality Enumeration (CQE) Draft 0.9.

Content modifications

Date Name Version Importance Comment
2020-02-24 CWE Content Team 4.0 updated Relationships
2023-01-31 CWE Content Team 4.10 updated Applicable_Platforms, Description, Relationships
2023-04-27 CWE Content Team 4.11 updated Relationships, Time_of_Introduction
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
2024-02-29 CWE Content Team 4.14 updated Mapping_Notes
2025-12-11 CWE Content Team 4.19 updated Common_Consequences, Description
cvelogic Threat Intelligence