VYPR

CWE-184

Incomplete List of Disallowed Inputs

BaseDraft

Description

The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.

Hierarchy (View 1000)

Children

Related attack patterns (CAPEC)

CAPEC-120 · CAPEC-15 · CAPEC-182 · CAPEC-3 · CAPEC-43 · CAPEC-6 · CAPEC-71 · CAPEC-73 · CAPEC-85

CVEs mapped to this weakness (119)

page 1 of 6
  • CVE-2026-41265CriApr 23, 2026
    risk 0.64cvss 9.8epss 0.00

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the Airtable_Agents class. The issue results from the lack of proper sandboxing when evaluating an LLM generated python…

  • CVE-2026-41264CriApr 23, 2026
    risk 0.64cvss 9.8epss 0.01

    Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the CSV_Agents class. The issue results from the lack of proper sandboxing when evaluating an LLM generated python script.…

  • CVE-2023-3374CriSep 5, 2023
    risk 0.64cvss 9.8epss 0.01

    Incomplete List of Disallowed Inputs vulnerability in Unisign Bookreen allows Privilege Escalation.This issue affects Bookreen: before 3.0.0.

  • CVE-2017-0909CriNov 16, 2017
    risk 0.64cvss 9.8epss 0.02

    The private_address_check ruby gem before 0.4.1 is vulnerable to a bypass due to an incomplete blacklist of common private/local network addresses used to prevent server-side request forgery.

  • CVE-2017-7540CriJul 21, 2017
    risk 0.64cvss 9.8epss 0.02

    rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation.

  • CVE-2018-6383HigJan 29, 2018
    risk 0.61cvss 8.8epss 0.14

    Monstra CMS through 3.0.4 has an incomplete "forbidden types" list that excludes .php (and similar) file extensions but not the .pht or .phar extension, which allows remote authenticated Admins or Editors to execute arbitrary PHP code by uploading a file, a different…

  • CVE-2025-58361CriSep 4, 2025
    risk 0.60cvss 9.3epss 0.00

    Promptcraft Forge Studio is a toolkit for evaluating, optimizing, and maintaining LLM-powered applications. All versions contain an non-exhaustive URL scheme check that does not protect against XSS. User-controlled URLs pass through src/utils/validation.ts, but the check only…

  • CVE-2017-7525CriFeb 6, 2018
    risk 0.60cvss 9.8epss 0.38

    A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.

  • CVE-2024-30103HigJun 11, 2024
    risk 0.58cvss 8.8epss 0.03

    Microsoft Outlook Remote Code Execution Vulnerability

  • CVE-2018-7489CriFeb 26, 2018
    risk 0.58cvss 9.8epss 0.21

    FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the…

  • CVE-2026-34415CriApr 22, 2026
    risk 0.57cvss 9.8epss 0.04

    Xerte Online Toolkits versions 3.15 and earlier contain an incomplete input validation vulnerability in the elFinder connector endpoint that fails to block PHP-executable extensions .php4 due to an incorrect regex pattern. Unauthenticated attackers can exploit this flaw combined…

  • CVE-2017-15095CriFeb 6, 2018
    risk 0.57cvss 9.8epss 0.08

    A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the…

  • CVE-2026-43929HigMay 12, 2026
    risk 0.53cvss 8.2epss 0.00

    ssrfcheck is a library that checks if a string contains a potential SSRF attack. In 1.3.0 and earlier, ssrfcheck fails to block Server-Side Request Forgery attacks when the target private IP address is encoded as an IPv4-mapped IPv6 address (e.g. http://[::ffff:127.0.0.1]/). The…

  • CVE-2025-58353HigSep 4, 2025
    risk 0.53cvss 8.2epss 0.00

    Promptcraft Forge Studio is a toolkit for evaluating, optimizing, and maintaining LLM-powered applications. All versions of Promptcraft Forge Studio sanitize user input using regex blacklists such as r`eplace(/javascript:/gi, '')`. Because the package uses multi-character…

  • CVE-2026-47392criMay 29, 2026
    risk 0.52cvss epss 0.00

    ## Summary `execute_code()` in `praisonaiagents/tools/python_tools.py` (v1.6.37, subprocess sandbox mode) can be fully bypassed using `print.__self__` to retrieve the real Python `builtins` module, from which `__import__` can be extracted via `vars()` and runtime string…

  • CVE-2026-43578CriMay 6, 2026
    risk 0.52cvss 9.1epss 0.00

    OpenClaw versions 2026.3.31 before 2026.4.10 contain a privilege escalation vulnerability where heartbeat owner downgrade detection misses local background async exec completion events. Attackers can exploit this by providing untrusted completion content to leave a run in a more…

  • CVE-2026-43566CriMay 5, 2026
    risk 0.52cvss 9.1epss 0.00

    OpenClaw versions 2026.4.7 before 2026.4.14 contain a privilege escalation vulnerability where heartbeat owner downgrade logic skips webhook wake events carrying untrusted content. Attackers can exploit this by sending untrusted webhook wake events to preserve owner-like…

  • CVE-2026-34177CriApr 9, 2026
    risk 0.52cvss 9.1epss 0.00

    Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden (lxd/project/limits/permissions.go), which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under the restricted.virtual-machines.lowlevel=block project…

  • CVE-2015-5946HigAug 7, 2017
    risk 0.51cvss 7.8epss 0.02

    Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension.

  • CVE-2026-53836HigJun 12, 2026
    risk 0.50cvss 8.8epss 0.00

    OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in PowerShell encoded-command handling that allows attackers to execute encoded commands using abbreviated flag aliases not recognized by the allowlist parser. Remote authenticated operators can bypass…