9 vulnerabilities classified as CWE-392 (错误条件报告缺失). AI Chinese analysis included.
CWE-392 represents a critical software weakness where an application encounters an error but fails to communicate this failure through a status code or return value. This omission prevents calling functions or upstream systems from detecting the fault, leading to silent failures that can corrupt data or cause unpredictable system behavior. Attackers typically exploit this by triggering specific error conditions, such as malformed inputs or resource exhaustion, to induce silent crashes or bypass security checks that rely on explicit error signaling. To mitigate this risk, developers must implement robust error handling mechanisms that ensure every potential failure point returns a distinct, non-zero status code or throws a specific exception. By validating return values and logging detailed error contexts, programmers enable proper recovery procedures and maintain system integrity, ensuring that errors are visible and actionable rather than hidden.
try { // Something that may throw an exception. ... } catch (Throwable t) { logger.error("Caught: " + t.toString()); return; }| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-42246 | net-imap vulnerable to STARTTLS stripping via invalid response timing — net-imap | 5.9AI | MediumAI | 2026-05-09 |
| CVE-2026-20005 | Cisco多款产品 安全漏洞 — Cisco Secure Firewall Threat Defense (FTD) Software | 5.8 | Medium | 2026-03-04 |
| CVE-2025-59398 | libocpp 安全漏洞 — libocpp | 3.1 | Low | 2025-09-15 |
| CVE-2025-23270 | NVIDIA Jetson Linux 安全漏洞 — Jetson Orin, IGX Orin and Xavier Devices | 7.1 | High | 2025-07-17 |
| CVE-2025-26268 | Dragonfly 安全漏洞 — Dragonfly | 3.3 | Low | 2025-04-17 |
| CVE-2025-32743 | Linux ConnMan 安全漏洞 — ConnMan | 9.0 | Critical | 2025-04-10 |
| CVE-2024-12797 | RFC7250 handshakes with unauthenticated servers don't abort as expected — OpenSSL | 7.4 | - | 2025-02-11 |
| CVE-2023-48430 | Siemens SINEC INS 安全漏洞 — SINEC INS | 2.7 | Low | 2023-12-12 |
| CVE-2017-2342 | SRX Series: MACsec failure to report errors — Junos OS | 6.5 | - | 2017-07-14 |
Vulnerabilities classified as CWE-392 (错误条件报告缺失) represent 9 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.