To create this list, MITRE scored each weakness based on its prevalence and severity. The organization analyzed data for 37,899 CVEs from NIST's National Vulnerability Database (NVD) and CISA's Known Exploited Vulnerabilities (KEV) Catalog.
How can bugs harm the system?
The software bugs can potentially be a medium to expose the systems they're running on to attacks.
This could enable threat actors to take control of affected devices, and gain access to sensitive information.
Impact of the bugs
The top 25 bugs mentioned in MITRE's list are considered highly critical because they're usually easy to discover, come with a high impact, and are prevalent in software released during the last two years.
Bugs, which fall under the software weaknesses category also include flaws, vulnerabilities, and various other errors found extensively in software solutions' code, architecture, implementation, or design.
Conclusion
Every year, vulnerabilities that are commonly exploited by threat actors, and represent substantial risks to large enterprises, are continuously published by cybersecurity authorities around the world.