Cyber Resilience


CWE-404: Improper Resource Shutdown or Release

Abstraction: Class · CVEs in our corpus: 728

The product does not release or incorrectly releases a resource before it is made available for re-use.

When a resource is created or allocated, the developer is responsible for properly releasing the resource as well as accounting for all potential paths of expiration or invalidation, such as a set period of time or revocation.

Last updated: 04 July 2026 00:28 UTC

Cumulative inbound coverage

How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.

Collective: partial · 3 mapping(s) from 2 framework(s): ATT&CK 2 (partial) · CAPEC 1 (partial)


NIST 800-53 r5 controls that address this weakness (4) · AI

| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| SC-10 | Network Disconnect | SC | Mandates explicit shutdown of the network connection at session conclusion, directly addressing improper resource release. |
| SC-4 | Information in Shared System Resources | SC | Requires proper shutdown/release procedures that include overwriting or isolating data to block unintended transfer via reused system objects. |
| CP-5 | Contingency Plan Update | CP | Contingency plan updates incorporate proper resource shutdown and release steps, preventing attackers from leveraging incomplete cleanup during recovery scenarios. |
| SI-17 | Fail-safe Procedures | SI | Procedures can mandate orderly shutdown or release of resources when failures occur, preventing improper resource handling after a fault. |

MITRE ATT&CK techniques this weakness enables

Our own two-way CWE↔ATT&CK cross-walk — a direct mapping with no public source (the CWE→CAPEC→ATT&CK chain leaves most top weaknesses, incl. XSS and SQLi, mapped to nothing). Drafted by Grok and spot-checked by Claude Opus 4.8.

Direction: other covers this; this covers other (F/M/P = full / mostly / partial).

Top CVEs of this weakness type, ranked by Risk Priority

| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
| CVE-2017-6627 KEV | 10.0 | 7.5 | 0.0604 | 2017-09-07 |
| CVE-2018-8120 KEV | 10.0 | 7.0 | 0.7372 | 2018-05-09 |
| CVE-2018-8405 KEV | 10.0 | 7.8 | 0.0344 | 2018-08-15 |
| CVE-2018-8406 KEV | 10.0 | 7.8 | 0.0344 | 2018-08-15 |
| CVE-2018-8611 KEV | 10.0 | 7.8 | 0.0416 | 2018-12-12 |
| CVE-2018-8639 KEV | 10.0 | 7.8 | 0.2235 | 2018-12-12 |
| CVE-2022-44267 | 8.0 | 6.5 | 0.7658 | 2023-02-06 |
| CVE-2023-24444 | 7.0 | 9.8 | 0.0115 | 2023-01-26 |
| CVE-2024-31611 | 7.0 | 9.1 | 0.0057 | 2024-06-10 |
| CVE-2018-8210 | 6.0 | 7.8 | 0.2471 | 2018-06-14 |
| CVE-2018-8450 | 6.0 | 8.8 | 0.1608 | 2018-11-14 |
| CVE-2023-3206 | 6.0 | 5.3 | 0.1871 | 2023-06-12 |
| CVE-2025-1103 | 6.0 | 6.5 | 0.1127 | 2025-02-07 |
| CVE-2010-4038 | 5.5 | 7.5 | 0.0167 | 2010-10-21 |
| CVE-2016-8212 | 5.5 | 7.5 | 0.0192 | 2017-02-03 |
| CVE-2017-1145 | 5.5 | 8.6 | 0.0191 | 2017-03-20 |
| CVE-2017-5650 | 5.5 | 7.5 | 0.0828 | 2017-04-17 |
| CVE-2016-10363 | 5.5 | 7.5 | 0.0132 | 2017-06-16 |
| CVE-2012-2805 | 5.5 | 7.5 | 0.0192 | 2017-08-28 |
| CVE-2017-0769 | 5.5 | 7.8 | 0.0041 | 2017-09-08 |
| CVE-2017-11016 | 5.5 | 7.8 | 0.0014 | 2017-12-05 |
| CVE-2017-11480 | 5.5 | 7.5 | 0.0144 | 2017-12-08 |
| CVE-2017-1000411 | 5.5 | 7.5 | 0.0160 | 2018-01-31 |
| CVE-2018-6592 | 5.5 | 7.8 | 0.0030 | 2018-02-19 |
| CVE-2018-8124 | 5.5 | 7.0 | 0.0115 | 2018-05-09 |