Cyber Resilience

CWE · MITRE source

CWE-704Incorrect Type Conversion or Cast

Abstraction: Class · CVEs in our corpus: 269

The product does not correctly convert an object, resource, or structure from one type to a different type.

Last updated: 04 July 2026 14:16 UTC

Cumulative inbound coverage

How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.

Collective: partial · 5 mapping(s) from 1 framework(s): ATT&CK 5 (partial)

See the full cumulative-coverage rollup →

NIST 800-53 r5 controls that address this weakness (0)AI

Control Title Family Why it addresses this CWE
No NIST controls proposed yet.

MITRE ATT&CK techniques this weakness enables

Our own two-way CWE↔ATT&CK cross-walk — a direct mapping with no public source (the CWE→CAPEC→ATT&CK chain leaves most top weaknesses, incl. XSS and SQLi, mapped to nothing). Drafted by Grok and spot-checked by Claude Opus 4.8.

Direction: other covers this; this covers other (F/M/P = full / mostly / partial).

Top CVEs of this weakness type, ranked by Risk Priority

CVE Risk CVSS EPSS Published
CVE-2016-79797.09.80.06422017-05-23
CVE-2017-91837.09.80.01932017-05-23
CVE-2018-49447.09.80.08992018-05-19
CVE-2018-144037.09.80.02602018-07-19
CVE-2018-128127.09.80.08822018-07-20
CVE-2018-159817.09.80.11702018-11-29
CVE-2016-73987.09.80.06802019-09-06
CVE-2011-14607.09.80.00912019-11-05
CVE-2011-23377.09.80.00812019-11-07
CVE-2020-61517.09.80.01622020-09-01
CVE-2020-255767.09.80.01552020-09-14
CVE-2021-289187.09.10.16362021-04-01
CVE-2021-359427.09.10.02682021-07-22
CVE-2021-333187.09.80.01922022-05-16
CVE-2023-216517.09.30.00112023-08-08
CVE-2024-54367.09.80.00522024-05-31
CVE-2025-41646 UPD7.09.80.40732025-06-06
CVE-2025-41648 UPD7.09.80.00702025-07-01
CVE-2025-405397.09.10.00442026-02-24
CVE-2025-405407.09.10.00442026-02-24
CVE-2025-405417.09.10.00572026-02-24
CVE-2026-278097.09.10.00412026-02-26
CVE-2017-31066.08.80.22312017-08-11
CVE-2017-51156.08.80.26332017-10-27
CVE-2018-38436.08.80.24032018-04-19