1. Out-of-bounds Write
  2. Improper Input Validation
  3. Out-of-bounds Read
  4. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  5. Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  6. Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
  7. Use After Free
  8. Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  9. Cross-Site Request Forgery (CSRF)
  10. Unrestricted Upload of File with Dangerous Type
  11. Missing Authentication for Critical Function
  12. Integer Overflow or Wraparound
  13. Deserialization of Untrusted Data
  14. Improper Authentication
  15. NULL Pointer Dereference
  16. Use of Hard-coded Credentials
  17. Improper Restriction of Operations within the Bounds of a Memory Buffer
  18. Missing Authorization
  19. Incorrect Default Permissions
  20. Exposure of Sensitive Information to an Unauthorized Actor
  21. Insufficiently Protected Credentials
  22. Incorrect Permission Assignment for Critical Resource
  23. Improper Restriction of XML External Entity Reference
  24. Server-Side Request Forgery (SSRF)
  25. Improper Neutralization of Special Elements used in a Command ('Command Injection')

MindMap By: Harsh Bothra