VYPR

CWE-372

Incomplete Internal State Distinction

Base · Draft

Description

The product does not properly determine which state it is in, causing it to assume it is in state X when in fact it is in state Y, causing it to perform incorrect operations in a security-relevant manner.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-140 · CAPEC-74

CVEs mapped to this weakness (5)

  • CVE-2024-22590 · Cri · May 28, 2024
    risk 0.59 · cvss 9.1 · epss 0.01

    The TLS engine in Kwik commit 745fd4e2 does not track the current state of the connection. This vulnerability can allow Client Hello messages to be overwritten at any time, including after a connection has been established.

  • CVE-2026-41388 · Med · Apr 28, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    OpenClaw before 2026.3.31 contains a configuration management vulnerability where startup migration treats empty-array settings as missing values. Attackers can restart the application to rehydrate revoked Tlon configuration from file state, bypassing intended revocation…

  • CVE-2026-41340 · Med · Apr 23, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    OpenClaw before 2026.3.31 contains an authentication boundary vulnerability where Telegram legacy allowFrom migration incorrectly fans default-account trust into all named accounts. Attackers can exploit this trust propagation to bypass authentication controls and gain…

  • CVE-2026-41300 · Med · Apr 21, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    OpenClaw before 2026.3.31 contains a trust-decline vulnerability that preserves attacker-discovered endpoints in remote onboarding flows. Attackers can route gateway credentials to malicious endpoints by having their discovered URL survive the trust decline process into manual…

  • CVE-2021-25735 · Sep 6, 2021
    risk 0.00 · cvss · epss 0.05

    A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the…