Cyber Resilience

CWE · MITRE source

CWE-696Incorrect Behavior Order

Abstraction: Class · CVEs in our corpus: 35

The product performs multiple related behaviors, but the behaviors are performed in the wrong order in ways that may produce resultant weaknesses.

Last updated: 04 July 2026 13:15 UTC

Cumulative inbound coverage

How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.

Collective: partial · 1 mapping(s) from 1 framework(s): CAPEC 1 (partial)

See the full cumulative-coverage rollup →

NIST 800-53 r5 controls that address this weakness (0)AI

Control Title Family Why it addresses this CWE
No NIST controls proposed yet.

Top CVEs of this weakness type, ranked by Risk Priority

CVE Risk CVSS EPSS Published
CVE-2021-313795.57.50.01292021-10-19
CVE-2021-225695.57.50.01652022-01-10
CVE-2023-332245.57.20.02792023-07-26
CVE-2024-248535.57.20.00232024-08-14
CVE-2025-01505.57.10.00462025-03-11
CVE-2025-314855.57.50.00412025-04-03
CVE-2026-356375.57.30.00252026-04-09
CVE-2026-405835.58.20.00382026-04-21
CVE-2026-45033 UPD5.57.80.00352026-05-13
CVE-2023-443863.55.30.00602023-10-05
CVE-2023-235763.54.30.00282023-12-18
CVE-2024-304103.55.80.00362024-04-12
CVE-2024-303893.55.80.00362024-04-12
CVE-2024-352293.55.30.00402024-05-27
CVE-2024-45157 UPD3.55.10.00242024-09-05
CVE-2023-529683.54.90.00402025-03-08
CVE-2025-20012 UPD3.54.90.00202025-05-13
CVE-2021-476883.55.70.00162025-06-23
CVE-2025-48965 UPD3.54.00.00462025-07-20
CVE-2025-551143.55.30.00362025-09-16
CVE-2025-99043.55.30.00362025-09-29
CVE-2026-333053.55.40.00212026-03-19
CVE-2026-356273.56.50.00452026-04-09
CVE-2026-356363.56.50.00262026-04-09
CVE-2026-356403.55.30.00442026-04-09