CWE-167
Improper Handling of Additional Special Element
BaseDraft
Description
The product receives input from an upstream component, but it does not handle or incorrectly handles when an additional unexpected special element is provided.
Hierarchy (View 1000)
CVEs mapped to this weakness (1)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-25006 | Med | 0.35 | 5.3 | 0.01 | Aug 12, 2025 | Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. |
- risk 0.35cvss 5.3epss 0.01
Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.