Description
The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.
Extended Description
This weakness captures cases in which a particular code segment is always incorrect with respect to the algorithm that it is implementing. For example, if a C programmer intends to include multiple statements in a single block but does not include the enclosing braces (CWE-483), then the logic is always incorrect. This issue is in contrast to most weaknesses in which the code usually behaves correctly, except when it is externally manipulated in malicious ways.
CVE vulnerabilities with CWE-670 (165)
9.8
CVSS
CRITICAL
CVE-2025-43359
pub. 2025-09-15
9.8
CVSS
CRITICAL
CVE-2022-25745
pub. 2023-04-13
9.8
CVSS
CRITICAL
CVE-2020-1914
pub. 2020-10-08
9.8
CVSS
CRITICAL
CVE-2020-17466
pub. 2020-08-11
9.8
CVSS
CRITICAL
CVE-2019-17192
pub. 2019-10-05
9.3
CVSS
CRITICAL
CVE-2025-24800
pub. 2025-01-28
9.1
CVSS
CRITICAL
CVE-2026-55276
pub. 2026-06-29
9.1
CVSS
CRITICAL
CVE-2025-29312
pub. 2025-03-24
9.0
CVSS
CRITICAL
CVE-2024-32971
pub. 2024-05-02
8.8
CVSS
HIGH
CVE-2023-31211
pub. 2024-01-12
8.8
CVSS
HIGH
CVE-2023-20558
pub. 2023-04-02
8.8
CVSS
HIGH
CVE-2018-16766
pub. 2018-09-10
8.7
CVSS
HIGH
CVE-2026-33011
pub. 2026-03-20
8.7
CVSS
HIGH
CVE-2026-1874
pub. 2026-03-03
8.7
CVSS
HIGH
CVE-2021-41153
pub. 2021-10-18
8.6
CVSS
HIGH
CVE-2024-20480
pub. 2024-09-25
8.6
CVSS
HIGH
CVE-2022-2993
pub. 2022-12-09
8.3
CVSS
HIGH
CVE-2024-5659
pub. 2024-06-14
8.2
CVSS
HIGH
CVE-2025-49091
pub. 2025-06-11
8.2
CVSS
HIGH
CVE-2024-52811
pub. 2024-11-25
Showing 20 of 165 vulnerabilities