VYPR

CWE-162

Improper Neutralization of Trailing Special Elements

VariantIncomplete

Description

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes trailing special elements that could be interpreted in unexpected ways when they are sent to a downstream component.

As data is parsed, improperly handled trailing special elements may cause the process to take unexpected actions that result in an attack.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-635

CVEs mapped to this weakness (1)

  • CVE-2026-47241lowJun 9, 2026
    risk 0.00cvss epss 0.00

    ### Summary Several Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent verbatim. If this string is derived from user-controlled input, an attacker can force the next command to be absorbed as a continuation of the…