VYPR

CWE-184

Incomplete List of Disallowed Inputs

Abstraction: Base · Status: Draft

Description

The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.
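The most common shape of this weakness is a filename sanitizer that denies a short list of script extensions but inspects only the last suffix, so anything the list does not name, or that carries the denied suffix before a harmless one, gets through. The following is an added illustration written for this page (example code, not CWE reference material and not any listed project's code): the denylist version beside an allowlist version that accepts exactly one known-good extension. DENIED_EXTENSIONS, ALLOWED_EXTENSIONS and the sample filenames are constructed for the example.

```python
"""Incomplete denylist vs. allowlist for uploaded filenames (constructed example)."""
import os

# A typical, and typically incomplete, denylist of server-side script suffixes.
DENIED_EXTENSIONS = {".php", ".phtml", ".phar"}
# The allowlist the upload feature actually needs: image files only.
ALLOWED_EXTENSIONS = {".jpg", ".jpeg", ".png", ".gif"}


def denylist_sanitizer(filename: str) -> bool:
    """Vulnerable: only the final suffix is compared against the denylist.

    'shell.php.jpg' ends in '.jpg' and passes; '.htaccess' has no suffix at all
    and passes; 'shell.php7' passes because nobody added '.php7' to the list.
    """
    _, ext = os.path.splitext(filename)
    return ext.lower() not in DENIED_EXTENSIONS


def allowlist_sanitizer(filename: str) -> bool:
    """Hardened: require a plain 'name.ext' with one allowlisted extension.

    Everything not explicitly permitted is rejected, so the check does not need
    to anticipate every dangerous suffix, double extension, or casing trick.
    """
    if "\x00" in filename or "/" in filename or "\\" in filename:
        return False  # NUL bytes and path separators are never part of a plain name
    if os.path.basename(filename) != filename:
        return False
    parts = filename.split(".")
    if len(parts) != 2 or not parts[0]:
        return False  # exactly one dot, and a non-empty stem (rejects '.htaccess')
    return "." + parts[1].lower() in ALLOWED_EXTENSIONS


def compare(filenames):
    """Return {filename: (denylist_verdict, allowlist_verdict)} for inspection."""
    return {f: (denylist_sanitizer(f), allowlist_sanitizer(f)) for f in filenames}


if __name__ == "__main__":
    # Constructed sample inputs; the second column is the verdict a practitioner wants.
    for name, (deny, allow) in compare(
        ["photo.jpg", "shell.php", "shell.php.jpg", ".htaccess", "shell.php7", "shell.PhP"]
    ).items():
        print(f"{name!r:20} denylist={'pass' if deny else 'reject':6} allowlist={'pass' if allow else 'reject'}")
```

The allowlist version deliberately rejects names with inner dots such as `photo.final.jpg`; an upload handler that wants to accept those should rename the file to a server-chosen name rather than loosen the check, since the multi-suffix handling of downstream components (web servers, image libraries) is exactly what the attacker is relying on.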

Hierarchy (View 1000)

Children

Related attack patterns (CAPEC)

CAPEC-120 · CAPEC-15 · CAPEC-182 · CAPEC-3 · CAPEC-43 · CAPEC-6 · CAPEC-71 · CAPEC-73 · CAPEC-85

CVEs mapped to this weakness (119)

page 2 of 6
  • CVE-2026-48557 · High · May 29, 2026
    risk 0.50 · CVSS 8.8 · EPSS 0.00

    Spatie Laravel Media Library before version 11.23.0 contains a file upload restriction bypass in FileAdder::defaultSanitizer(). The sanitizer checks only the final filename suffix, allowing double-extension filenames such as shell.php.jpg to bypass the blocklist, with pathinfo()…

  • CVE-2026-45006 · High · May 11, 2026
    risk 0.50 · CVSS 8.8 · EPSS 0.00

    OpenClaw before 2026.4.23 contains an improper access control vulnerability in the gateway tool's config.apply and config.patch operations that allows compromised models to write unsafe configuration changes by bypassing an incomplete denylist protection. Attackers can persist…

  • CVE-2026-44115 · High · May 6, 2026
    risk 0.50 · CVSS 8.8 · EPSS 0.00

    OpenClaw before 2026.4.22 contains an exec allowlist analysis vulnerability allowing shell expansion hiding in unquoted heredoc bodies. Attackers can bypass allowlist validation by embedding shell expansion tokens in heredoc bodies to execute unapproved commands at runtime.

  • CVE-2026-43584 · High · May 6, 2026
    risk 0.50 · CVSS 8.8 · EPSS 0.00

    OpenClaw before 2026.4.10 contains an insufficient environment variable denylist vulnerability in its exec environment policy that allows operator-supplied overrides of high-risk interpreter startup variables including VIMINIT, EXINIT, LUA_INIT, and HOSTALIASES. Attackers can…

  • CVE-2026-41934 · High · May 6, 2026
    risk 0.50 · CVSS 8.8 · EPSS 0.01

    Vvveb before version 1.0.8.2 contains an authenticated remote code execution vulnerability in the admin code editor that allows low-privilege authenticated users to execute arbitrary code through insufficient file extension restrictions, with the uploaded payload then executable…

  • CVE-2026-42435 · High · May 5, 2026
    risk 0.50 · CVSS 8.8 · EPSS 0.00

    OpenClaw versions from 2026.2.22 before 2026.4.12 contain an insufficient shell-wrapper detection vulnerability allowing attackers to inject environment variable assignments at the argv level. Attackers can bypass exec preflight handling to manipulate high-risk shell variables…

  • CVE-2026-34430 · High · Apr 1, 2026
    risk 0.50 · CVSS 8.8 · EPSS 0.00

    ByteDance DeerFlow versions prior to commit 92c7a20 contain a sandbox escape vulnerability in bash tool handling that allows attackers to execute arbitrary commands on the host system by bypassing regex-based validation using shell features such as directory changes and…

  • CVE-2026-44463 · High · May 28, 2026
    risk 0.49 · CVSS 8.6 · EPSS 0.00

    Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed by prepending environment variable assignments to allowlisted commands, hijacking program behavior (e.g., PAGER) to execute arbitrary code. This vulnerability is fixed in 0.229.0.

  • CVE-2026-1773 · High · Feb 24, 2026
    risk 0.49 · CVSS 7.5 · EPSS 0.00

    IEC 60870-5-104 used in RTU500: Potential Denial of Service impact on reception of invalid U-format frame. Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. Enabling secure communication following IEC 62351-3 does not remediate the…

  • CVE-2026-43991 · High · May 12, 2026
    risk 0.48 · CVSS 8.4 · EPSS 0.00

    JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, substring-based blocklist in plugin-shell's command-safety check could be bypassed by adversarial argument constructions, allowing unauthorized command execution on the host when combined with…

  • CVE-2022-50238 · High · Sep 8, 2025
    risk 0.48 · CVSS 7.4 · EPSS 0.00

    The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list have been excluded from the on-endpoint blocklist longer than the expected periodic monthly Windows…

  • CVE-2026-53866 · High · Jun 16, 2026
    risk 0.46 · CVSS 8.1 · EPSS 0.00

    OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in shell inline-command parsing that allows authenticated operators to execute unapproved commands. A command request using shell inline-command forms could route through a parser case missing the expected…

  • CVE-2026-53864 · High · Jun 16, 2026
    risk 0.46 · CVSS 8.1 · EPSS 0.00

    OpenClaw before 2026.5.26 contains an insufficient sanitization vulnerability in the host environment sanitizer that allows Node.js control variables to bypass validation. Attackers with access to workspace .env files, tool environment overrides, or skill environment blocks can…

  • CVE-2026-53855 · High · Jun 16, 2026
    risk 0.46 · CVSS 8.1 · EPSS 0.00

    OpenClaw before 2026.4.2 contains an inline-eval bypass vulnerability allowing authenticated operators to weaken strict allowlist checks via shell positional parameters. Attackers can combine allowlisted tools with shell positional arguments to place inline-eval content in shell…

  • CVE-2026-42590 · High · May 14, 2026
    risk 0.46 · CVSS 8.2 · EPSS 0.00

    Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.30.0, The ExifTool metadata write blocklist in Gotenberg can be bypassed using ExifTool's group-prefix syntax, enabling arbitrary file rename, move, hardlink, and symlink creation on the server. ExifTool…

  • CVE-2026-40893 · High · May 14, 2026
    risk 0.46 · CVSS 8.2 · EPSS 0.00

    Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg only checks if the tag is exactly FileName, so System:FileName slips right through and ExifTool happily renames the file. This allows remote attackers to move, rename, and change permissions…

  • CVE-2018-5968 · High · Jan 22, 2018
    risk 0.46 · CVSS 8.1 · EPSS 0.07

    FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist.

  • CVE-2026-45741 · High · May 29, 2026
    risk 0.45 · CVSS n/a · EPSS 0.00

    `IsPublicIP` in `pkg/gotenberg/outbound.go` incorrectly classifies IPv6 6to4 / NAT64 / deprecated site-local addresses as public IPs, allowing an unauthenticated attacker to reach internal destinations (e.g., cloud metadata services at `169.254.169.254`) via a…

  • CVE-2026-44114 · High · May 6, 2026
    risk 0.44 · CVSS 7.8 · EPSS 0.00

    OpenClaw before 2026.4.20 fails to properly reserve the OPENCLAW_ runtime-control environment namespace in workspace dotenv files, allowing attackers to override critical runtime variables. Malicious workspaces can set variables like OPENCLAW_GIT_DIR to manipulate trusted…

  • CVE-2026-41206 · High · Apr 23, 2026
    risk 0.44 · CVSS 7.8 · EPSS 0.00

    PySpector is a static analysis security testing (SAST) Framework engineered for modern Python development workflows. The plugin security validator in PySpector uses AST-based static analysis to prevent dangerous code from being loaded as plugins. Prior to version 0.1.8, the…
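Several entries above (the Zed terminal tool, and the OpenClaw exec preflight and environment policy) share one pattern: a command allowlist that lets `NAME=value` words precede the program, and a denylist of "dangerous" variable names that cannot keep up with every variable a program will honour (PAGER, EDITOR, GIT_SSH_COMMAND, VIMINIT, LUA_INIT and so on). The following is an added illustration written for this page (example code, not from any of the listed projects): a preflight that strips leading assignments after consulting an incomplete denylist, beside one that refuses any leading assignment and any shell metacharacter so that only the allowlisted program word can appear first. ALLOWED_PROGRAMS, DENIED_VARIABLES and the sample command lines are constructed for the example.

```python
"""Command allowlist preflight: incomplete variable denylist vs. strict form (constructed example)."""
import re
import shlex

ALLOWED_PROGRAMS = {"git", "ls", "cat"}
# The incomplete part: the few variables the author thought of.
DENIED_VARIABLES = {"LD_PRELOAD", "LD_LIBRARY_PATH", "PATH"}
ASSIGNMENT = re.compile(r"^([A-Za-z_][A-Za-z0-9_]*)=")
# Characters a POSIX shell would interpret if the line ever reached one.
SHELL_META = re.compile(r"[;&|<>`$(){}\n]")


def naive_preflight(command_line: str) -> bool:
    """Vulnerable: leading NAME=value words are treated as harmless unless the
    name is on the denylist, then only the first remaining word is checked.

    "PAGER='sh -c id' git log" passes: PAGER is not denied, and 'git' is allowed,
    yet git will hand control to the attacker's pager.
    """
    try:
        words = shlex.split(command_line)
    except ValueError:
        return False
    while words:
        match = ASSIGNMENT.match(words[0])
        if not match:
            break
        if match.group(1) in DENIED_VARIABLES:
            return False
        words.pop(0)  # any other assignment is waved through
    return bool(words) and words[0] in ALLOWED_PROGRAMS


def strict_preflight(command_line: str) -> bool:
    """Hardened: the very first word must be an allowlisted program name, so no
    assignment can precede it, and no shell metacharacter may appear anywhere.

    The caller is expected to run the result with an execve-style API and a
    scrubbed environment, not through 'sh -c'; the metacharacter check is
    defence in depth for the day someone changes that.
    """
    try:
        words = shlex.split(command_line)
    except ValueError:
        return False  # unbalanced quotes: refuse rather than guess
    if not words or words[0] not in ALLOWED_PROGRAMS:
        return False
    if SHELL_META.search(command_line):
        return False
    return True


if __name__ == "__main__":
    # Constructed sample command lines, including the PAGER bypass.
    for line in ["git log", "LD_PRELOAD=/tmp/evil.so git log",
                 "PAGER='sh -c id' git log", "git log; id", "rm -rf /"]:
        print(f"{line!r:40} naive={naive_preflight(line)!s:5} strict={strict_preflight(line)}")
```

Refusing leading assignments closes the argv-level vector only. Programs also accept configuration through their own arguments (git, for instance, honours `-c core.pager=...`), so a strict preflight has to be paired with a scrubbed child environment and an argument policy for each allowlisted program, rather than relying on the first word alone.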