Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

CWE-184 (不完整的黑名单) — Vulnerability Class 102

102 vulnerabilities classified as CWE-184 (不完整的黑名单). AI Chinese analysis included.

CWE-184 represents a critical input validation weakness where an application relies on a blacklist of prohibited inputs that fails to cover all malicious variations. This approach is inherently fragile because attackers can easily bypass incomplete lists using encoding techniques, alternative syntax, or edge cases not anticipated by the developer. Exploitation typically occurs when an adversary submits crafted payloads that evade the restricted set, allowing unauthorized commands, code execution, or data injection to proceed unchecked. To mitigate this risk, developers should abandon blacklisting in favor of whitelisting, which permits only explicitly verified and safe inputs. Additionally, implementing robust input sanitization and normalization processes ensures that diverse attack vectors are neutralized before processing, thereby closing the gaps left by incomplete disallowed lists and significantly strengthening the application’s security posture against injection-based threats.

MITRE CWE Description
The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.
Common Consequences (1)
Access ControlBypass Protection Mechanism
Attackers may be able to find other malicious inputs that were not expected by the developer, allowing them to bypass the intended protection mechanism.
Mitigations (1)
ImplementationDo not rely exclusively on detecting disallowed inputs. There are too many variants to encode a character, especially when different environments are used, so there is a high likelihood of missing some variants. Only use detection of disallowed inputs as a mechanism for detecting suspicious activity. Ensure that you are using other protection mechanisms that only identify "good" input - such as …
Examples (2)
The following code attempts to stop XSS attacks by removing all occurences of "script" in an input string.
public String removeScriptTags(String input, String mask) { return input.replaceAll("script", mask); }
Bad · Java
This example takes user input, passes it through an encoding scheme, then lists the contents of the user's home directory based on the user name.
sub GetUntrustedInput { return($ARGV[0]); } sub encode { my($str) = @_; $str =~ s/\&/\&amp;/gs; $str =~ s/\"/\&quot;/gs; $str =~ s/\'/\&apos;/gs; $str =~ s/\</\&lt;/gs; $str =~ s/\>/\&gt;/gs; return($str); } sub doit { my $uname = encode(GetUntrustedInput("username")); print "<b>Welcome, $uname!</b><p>\n"; system("cd /home/$uname; /bin/ls -l"); }
Bad · Perl
' pwd
Attack
CVE IDTitleCVSSSeverityPublished
CVE-2026-41264 Flowise: CSV Agent Prompt Injection Remote Code Execution Vulnerability — Flowise 9.8AICriticalAI2026-04-23
CVE-2026-41206 PySpector has a Plugin Code Execution Bypass via Incomplete Static Analysis in PluginSecurity.validate_plugin_code — PySpector 8.8AIHighAI2026-04-23
CVE-2026-34415 Xerte Online Toolkits File Upload RCE via elfinder Connector — xerteonlinetoolkits 9.8 Critical2026-04-22
CVE-2026-26274 October: Safe Mode Bypass via Twig Database Write Operations — october 6.6 Medium2026-04-21
CVE-2026-40077 Beszel has an IDOR in hub API endpoints that read system ID from URL parameter — beszel 3.5 Low2026-04-09
CVE-2026-39315 Unhead has a hasDangerousProtocol() bypass via leading-zero padded HTML entities in useHeadSafe() — unhead 6.1 Medium2026-04-09
CVE-2026-34177 VM lowlevel restriction bypass via raw.apparmor and raw.qemu.conf — lxd 9.1 Critical2026-04-09
CVE-2026-35410 Directus has an Open Redirect via Parser Bypass in OAuth2/SAML Authentication Flow — directus 6.1 Medium2026-04-06
CVE-2026-34426 OpenClaw - Approval Bypass via Environment Variable Normalization — OpenClaw 7.6 High2026-04-02
CVE-2026-34425 OpenClaw - Shell-Bleed Protection Preflight Validation Bypass — OpenClaw 5.4 Medium2026-04-02
CVE-2026-35000 ChangeDetection.io < 0.54.7 SafeXPath3Parser Bypass Arbitrary File Read — ChangeDetection.io 6.5 Medium2026-04-01
CVE-2026-34430 ByteDance DeerFlow LocalSandboxProvider Host Bash Escape — DeerFlow 8.8 High2026-04-01
CVE-2026-4509 PbootCMS File Upload file.php incomplete blacklist — PbootCMS 6.3 Medium2026-03-21
CVE-2026-33139 PySpector: Plugin Sandbox Bypass leads to Arbitrary Code Execution — PySpector 9.8 -2026-03-20
CVE-2026-32022 OpenClaw < 2026.2.21 - Arbitrary File Read via grep -e Flag Policy Bypass — OpenClaw 6.5 Medium2026-03-19
CVE-2026-32017 OpenClaw < 2026.2.19 - Arbitrary File Write via Short-Option Bypass in exec Allowlist — OpenClaw 7.1 High2026-03-19
CVE-2026-31993 OpenClaw < 2026.2.22 - Allowlist Parsing Mismatch in system.run Shell Chains — OpenClaw 4.8 Medium2026-03-19
CVE-2026-31992 OpenClaw < 2026.2.23 - Allowlist Exec-Guard Bypass via env -S — OpenClaw 7.1 High2026-03-19
CVE-2026-22175 OpenClaw < 2026.2.23 - Exec Approval Bypass via Unrecognized Multiplexer Shell Wrappers — OpenClaw 7.1 High2026-03-18
CVE-2026-32128 FastGPT Python Sandbox Bypass of File-Write Restriction — FastGPT 6.3 Medium2026-03-11
CVE-2026-28363 OpenClaw 安全漏洞 — OpenClaw 9.9 Critical2026-02-27
CVE-2026-1773 Hitachi Energy RTU500 安全漏洞 — RTU500 series CMU firmware 7.5AIHighAI2026-02-24
CVE-2026-22609 Fickling has Static Analysis Bypass via Incomplete Dangerous Module Blocklist — fickling 9.8 -2026-01-10
CVE-2026-22608 Fickling vulnerable to use of ctypes and pydoc gadget chain to bypass detection — fickling 9.8 -2026-01-10
CVE-2026-22607 Fickling Blocklist Bypass: cProfile.run() — fickling 9.8 -2026-01-10
CVE-2026-22606 Fickling has a bypass via runpy.run_path() and runpy.run_module() — fickling 9.8 -2026-01-10
CVE-2025-69277 libsodium 安全漏洞 — libsodium 4.5 Medium2025-12-31
CVE-2025-67748 Fickling has Code Injection vulnerability via pty.spawn() — fickling 9.1AICriticalAI2025-12-16
CVE-2025-67747 Fickling has missing detection for marshal.loads and types.FunctionType in unsafe modules list — fickling 8.4AIHighAI2025-12-16
CVE-2025-67716 Auth0 Next.js SDK has Improper Validation of Query Parameters — nextjs-auth0 5.7 Medium2025-12-11

Vulnerabilities classified as CWE-184 (不完整的黑名单) represent 102 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.