CWE-1357— Reliance on Insufficiently Trustworthy Component
The product is built from multiple separate components, but it uses a component that is not sufficiently trusted to meet expectations for security, reliability, updateability, and maintainability.— MITRE CWE catalog
4 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-1357page 1 of 1
- CVE-2024-26024HIGHCVSS 8.4EG 8.42024-05-28
SUBNET Solutions Inc. has identified vulnerabilities in third-party components used in Substation Server.
- CVE-2024-28042HIGHCVSS 8.4EG 8.42024-05-15
SUBNET Solutions Inc. has identified vulnerabilities in third-party components used in PowerSYSTEM Center.
- CVE-2024-3313HIGHCVSS 8.4EG 8.42024-04-09
SUBNET Solutions Inc. has identified vulnerabilities in third-party components used in PowerSYSTEM Server 2021 and Substation Server 2021.
- CVE-2025-32800CRITICALCVSS 9.8EG 9.82025-06-16
Conda-build contains commands and tools to build conda packages. Prior to version 25.3.0, the pyproject.toml lists conda-index as a Python dependency. This package is not published in PyPI. An attacker could claim this namespace and upload…
Map vulnerabilities like CWE-1357 to your infrastructure
EchelonGraph correlates every CVE — across CWE-1357 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →