CWE-687: Function Call With Incorrectly Specified Argument Value
low-riskThe product calls a function, procedure, or routine, but the caller specifies an argument that contains the wrong value, which may lead to resultant weaknesses.
Abstraction: Variant
Common Consequences
Other
→
Quality Degradation
Detection Methods
Manual Static Analysis
This might require an understanding of intended program behavior or design to determine whether the value is incorrect.
Real-World Examples (3)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2024-36985 | 8.8 | 46.9% | — |
| CVE-2025-22620 | 5.0 | 0.9% | — |
| CVE-2024-49603 | 4.3 | 0.2% | — |
12
/ 100
low-risk
Active Threat
12/50 · Low
Exploit Availability
0/50 · Minimal