CWE-1116— Inaccurate Source Code Comments
The source code contains comments that do not accurately describe or explain aspects of the portion of the code with which the comment is associated.— MITRE CWE catalog
4 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-1116page 1 of 1
- CVE-2022-30351HIGHCVSS 7.5EG 7.52023-03-30
PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to correctly remove redacted information from a supplied PDF file, does not properly sanitize this information in all cases, causing redacted informati…
- CVE-2022-48339HIGHCVSS 7.8EG 9.82023-02-20
An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. …
- CVE-2025-1219MEDIUMCVSS 5.3EG 5.32025-03-30
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-type header is used to determine the ch…
- CVE-2025-47271MEDIUMCVSS 6.3EG 6.32025-05-12
The OZI action is a GitHub Action that publishes releases to PyPI and mirror releases, signature bundles, and provenance in a tagged release. In versions 1.13.2 through 1.13.5, potentially untrusted data flows into PR creation logic. A mal…
Map vulnerabilities like CWE-1116 to your infrastructure
EchelonGraph correlates every CVE — across CWE-1116 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →