CWE-351: Insufficient Type Distinction
low-riskThe product does not properly distinguish between different types of elements in a way that leads to insecure behavior.
Abstraction: Base
Common Consequences
Other
→
Other
Real-World Examples (10)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2023-38831 | 7.8 | 93.9% | Y |
| CVE-2024-4769 | 5.9 | 0.8% | — |
| CVE-2022-1642 | 7.5 | 0.2% | — |
| CVE-2025-47939 | 5.4 | 0.1% | — |
| CVE-2020-10134 | 6.3 | 0.1% | — |
| CVE-2025-30510 | 9.8 | 0.1% | — |
| CVE-2025-32035 | 2.6 | 0.1% | — |
| CVE-2024-45676 | 4.3 | 0.1% | — |
| CVE-2025-65960 | 6.6 | 0.0% | — |
| CVE-2023-2866 | 7.3 | 0.0% | — |
7
/ 100
low-risk
Active Threat
4/50 · Minimal
Exploit Availability
3/50 · Minimal