CWE-1023: Incomplete Comparison with Missing Factors
low-riskThe product performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one or more of these factors.
Abstraction: Class
Common Consequences
Integrity
→
Alter Execution Logic
Real-World Examples (7)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2021-23146 | 7.1 | 0.2% | — |
| CVE-2025-46722 | 4.2 | 0.2% | — |
| CVE-2024-5528 | 3.5 | 0.1% | — |
| CVE-2025-55333 | 6.1 | 0.1% | — |
| CVE-2026-4748 | 7.5 | 0.0% | — |
| CVE-2026-4599 | 9.1 | 0.0% | — |
| CVE-2025-62000 | 7.1 | 0.0% | — |
0
/ 100
low-risk
Active Threat
0/50 · Minimal
Exploit Availability
0/50 · Minimal