The existence of a weak point or error in the design or implementation of a computer program that may enable a non-legitimate user to access data remotely or perform unauthorized operations in the same way, thus compromising the security of a system, a network, an application or a communication protocol.

Security holes may be used by attackers in their exploits, being able to access systems for malicious purposes.