Search

Blog Stats Labs CLI MCP API Limits About Privacy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Blog Statistics Labs CLI Tool MCP Server API Documentation Rate Limits About Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-184

CWE-184

Incomplete List of Disallowed Inputs

Parent: CWE-693 - Protection Mechanism Failure

The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.

70 vulnerabilities with CWE-184

CVE-2026-28391 CRITICAL

OpenClaw <2026.2.2 - Command Injection

CVE-2026-28783 CRITICAL

Craft CMS <5.9.0-beta.1/4.17.0-beta.1 - RCE

CVE-2026-28363 CRITICAL

OpenClaw <2026.2.23 - Command Injection

CVE-2026-1773 HIGH

IEC 60870-5-104 - DoS

CVE-2026-25951 HIGH

Frangoteam Fuxa < 1.2.11 - Path Traversal

CVE-2026-22609 HIGH

Fickling <0.1.7 - Code Injection

CVE-2026-22608 HIGH

Fickling <0.1.7 - RCE

CVE-2026-22607 HIGH

Fickling <0.1.6 - Code Injection

CVE-2026-22606 HIGH

Fickling <0.1.6 - Code Injection

CVE-2025-69277 MEDIUM

libsodium <ad3004e - Memory Corruption

CVE-2025-67748 HIGH

Trailofbits Fickling < 0.1.6 - Insecure Deserialization

CVE-2025-67747 HIGH

Fickling <0.1.6 - Code Injection

CVE-2025-67716 MEDIUM

Auth0 Next.js SDK <4.13.0 - Info Disclosure

CVE-2025-61924 LOW

PrestaShop Checkout <4.4.1, 5.0.5 - Info Disclosure

CVE-2022-50238 HIGH

Microsoft - Info Disclosure

CVE-2025-58361 CRITICAL

Promptcraft Forge Studio - XSS

CVE-2025-58353 HIGH

Promptcraft Forge Studio - XSS

CVE-2025-48732 HIGH

WWBN AVideo <14.4 - RCE

CVE-2025-24388 LOW

OTRS <8 - Command Injection

CVE-2025-1484 MEDIUM

Asset Suite - XSS

CVE-2025-46417 HIGH

Picklescan <0.0.25 - Info Disclosure

CVE-2025-29822 HIGH

Microsoft Office OneNote - Info Disclosure

CVE-2025-1716 CRITICAL

picklescan <0.0.21 - Code Injection

CVE-2024-54149 HIGH

Winter CMS <1.2.7, 1.1.11, 1.0.476 - Auth Bypass

CVE-2024-52595 HIGH

Fedoralovespython Lxml Html Clean < 0.4.0 - XSS

Page 1 of 3 Next

Details

Vulnerabilities 70

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy