LIVE NEWSROOM · --:-- · May 25, 2026

A LIBRARY FOR SECURITY RESEARCHERS

CWE WEAKNESSES / CWE-248

CWE-248

Uncaught Exception

Base

What it is

An exception is thrown from a function, but it is not caught.

When an exception is not caught, it may cause the program to crash or expose sensitive information.

Impact

Availability, Confidentiality

DoS: Crash, Exit, or Restart, Read Application Data

Real-world CVE examples

CVE-2023-41151 — SDK for OPC Unified Architecture (OPC UA) server has uncaught exception when a socket is blocked for writing but the server tries to send an error
CVE-2023-21087 — Java code in a smartphone OS can encounter a "boot loop" due to an uncaught exception

Related weaknesses

CWE-705 (childof)CWE-755 (childof)CWE-703 (childof)

Test & detect

Browse all common weaknesses, check related exploited CVEs, or map to ATT&CK techniques.

Source: MITRE CWE. View on cwe.mitre.org →