CWE-386— Symbolic Name not Mapping to Correct Object
A constant symbolic reference to an object is used, even though the reference can resolve to a different object over time.— MITRE CWE catalog
2 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-386page 1 of 1
- CVE-2024-3852HIGHCVSS 7.5EG 7.52024-04-16
GetBoundName could return the wrong version of an object when JIT optimizations were applied. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
- CVE-2026-53081HIGHCVSS 7.8EG 7.82026-06-24
In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce regsafe base id consistency for BPF_ADD_CONST scalars When regsafe() compares two scalar registers that both carry BPF_ADD_CONST, check_scalar_ids() maps th…
Map vulnerabilities like CWE-386 to your infrastructure
EchelonGraph correlates every CVE — across CWE-386 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →