Editing Vulnerability (computer security) (section)

===National Vulnerability Database classification===
{{missing information|section|the other causes|date=May 2025}}
The [[National Vulnerability Database]] classifies vulnerabilities into eight root causes that may be overlapping, including:{{sfn|Garg|Baliyan|2023|pp=17–18}}
#[[Improper input validation|Input validation]] vulnerabilities exist when [[input checking]] is not sufficient to prevent the attacker from injecting malicious code. [[Buffer overflow]] exploits, [[buffer underflow]] exploits, and [[boundary condition]] exploits typically take advantage of this category.{{sfn|Garg|Baliyan|2023|p=17}}
# [[Access control]] vulnerabilities enable an attacker to access a system that is supposed to be restricted to them, or engage in [[privilege escalation]].{{sfn|Garg|Baliyan|2023|p=17}}
#When the system fails to handle and exceptional or unanticipated condition correctly, an attacker can exploit the situation to gain access.{{sfn|Garg|Baliyan|2023|p=18}}
#Configuration vulnerability come into existence when configuration settings cause risks to the system security, leading to such faults as unpatched software or file system permissions that do not sufficiently restrict access.{{sfn|Garg|Baliyan|2023|p=18}}
#A [[race condition]]—when timing or other external factors change the outcome and lead to inconsistent or unpredictable results—can cause a vulnerability.{{sfn|Garg|Baliyan|2023|p=18}}