SANS Top 25
What is SANS Top 25?
SANS Top 25: An annually published list, maintained by MITRE with the SANS Institute, ranking the most dangerous software weaknesses based on real CVE data.
The SANS Top 25, formally the CWE Top 25 Most Dangerous Software Weaknesses, is a list compiled by MITRE in collaboration with the SANS Institute and the CWE community. It ranks the Common Weakness Enumeration (CWE) entries that appear most frequently and have the most severe impact in real-world vulnerabilities, computed from CVE records, NVD CVSS scores, and KEV indicators. Categories include weaknesses such as Out-of-Bounds Write, Cross-Site Scripting, SQL Injection, Improper Authentication, and Use After Free. Engineering teams, procurement programs, secure-coding standards, and AppSec tooling use the list to prioritize defenses, training, and code reviews. The list is updated annually.
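The ranking idea described above, frequency combined with severity and exploitation evidence, as an added illustration that is not part of this glossary entry or of MITRE's tooling: the script below scores a constructed set of CVE records per CWE. The formula, the CVE identifiers and the scores are assumptions made up for the example, not MITRE's published methodology or real data.

```python
from collections import defaultdict

# Constructed, illustrative CVE records: (cve_id, cwe_id, cvss_base_score, listed_in_kev).
# IDs and scores are made up for this example; they are not real vulnerability data.
SAMPLE_CVES = [
    ("CVE-0000-0001", "CWE-787", 9.8, True),   # Out-of-Bounds Write
    ("CVE-0000-0002", "CWE-787", 8.8, False),
    ("CVE-0000-0003", "CWE-787", 7.8, False),
    ("CVE-0000-0004", "CWE-787", 9.8, True),
    ("CVE-0000-0005", "CWE-79", 6.1, False),   # Cross-Site Scripting
    ("CVE-0000-0006", "CWE-79", 5.4, False),
    ("CVE-0000-0007", "CWE-79", 6.1, False),
    ("CVE-0000-0008", "CWE-79", 6.1, False),
    ("CVE-0000-0009", "CWE-79", 5.4, False),
    ("CVE-0000-0010", "CWE-89", 9.8, True),    # SQL Injection
    ("CVE-0000-0011", "CWE-89", 8.8, False),
    ("CVE-0000-0012", "CWE-89", 9.8, False),
    ("CVE-0000-0013", "CWE-287", 9.8, True),   # Improper Authentication
    ("CVE-0000-0014", "CWE-287", 7.5, False),
    ("CVE-0000-0015", "CWE-416", 8.8, False),  # Use After Free
    ("CVE-0000-0016", "CWE-416", 7.8, False),
]

def rank_weaknesses(records):
    """Rank CWEs by an assumed frequency x severity score with a KEV boost.
    score = (share of CVEs mapped to the CWE) * (mean CVSS / 10)
            * (1 + share of those CVEs in KEV) * 100
    Returns [(cwe_id, score, cve_count, kev_count), ...], highest score first."""
    counts, cvss_total, kev_counts = defaultdict(int), defaultdict(float), defaultdict(int)
    for _cve_id, cwe_id, cvss, in_kev in records:
        counts[cwe_id] += 1
        cvss_total[cwe_id] += cvss
        kev_counts[cwe_id] += 1 if in_kev else 0
    total = len(records)
    ranked = []
    for cwe_id, n in counts.items():
        frequency = n / total                     # how often the weakness appears
        severity = (cvss_total[cwe_id] / n) / 10  # mean impact, scaled to 0..1
        kev_boost = 1 + kev_counts[cwe_id] / n    # weight weaknesses exploited in the wild
        ranked.append((cwe_id, frequency * severity * kev_boost * 100, n, kev_counts[cwe_id]))
    ranked.sort(key=lambda row: row[1], reverse=True)
    return ranked

if __name__ == "__main__":
    for rank, (cwe_id, score, n, kev) in enumerate(rank_weaknesses(SAMPLE_CVES), start=1):
        print(f"{rank:2d}. {cwe_id:<8} score={score:6.2f} cves={n} kev={kev}")
```

In this sample, XSS is the most frequent weakness but ranks below SQL Injection because its mean severity is low and none of its CVEs carry a KEV indicator, which is the kind of trade-off the ranking is meant to capture.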
● Examples
- 01: An engineering team adding CWE Top 25 lint rules and SAST checks to every pull request.
- 02: A procurement team requiring suppliers to demonstrate testing against the SANS Top 25 weaknesses.
● Frequently asked questions
What is SANS Top 25?
An annually published list, maintained by MITRE with the SANS Institute, ranking the most dangerous software weaknesses based on real CVE data. It belongs to the Compliance & Frameworks category of cybersecurity.
What does SANS Top 25 mean?
An annually published list, maintained by MITRE with the SANS Institute, ranking the most dangerous software weaknesses based on real CVE data.
How do you defend against SANS Top 25?
Defences against the weaknesses on the SANS Top 25 typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for SANS Top 25?
Common alternative names include: CWE Top 25, CWE Top 25 Most Dangerous Software Weaknesses.