Pervasiveness of Internet‐based applications and computing devices has increased cybersecurity threats for wide range of users. Studies have shown that application security flaws have their roots in programming languages used for application development. Some vulnerabilities are due to programmer's negligence and others are due to the vulnerabilities present in the programming languages and their libraries. Developers may not be aware of the existing flaws in the programming languages and do not have time to take necessary measures as they develop applications. To cope with the challenge, this article proposes a security feature framework for programming languages to understand various exploitations and possible mitigations in programming languages. This security feature framework can be used to evaluate existing programming languages for potential vulnerabilities, level of security support, and the language features needed to mitigate these vulnerabilities. Moreover, language designers may use this framework as a guide to ensure that the language being designed has necessary and sufficient security feature set. The proposed security feature framework is then applied to several popular programming languages to evaluate the level of security feature coverage and gaps in these languages along with some recommendations on how to address these gaps.