
CWE-184 (Incomplete Blacklist) — Vulnerability Class 86

86 vulnerabilities classified as CWE-184 (Incomplete Blacklist). AI Chinese analysis included.

CWE-184 represents a critical input validation weakness where an application relies on a blacklist of prohibited inputs that fails to cover all malicious variations. This approach is inherently fragile because attackers can easily bypass incomplete lists using encoding techniques, alternative syntax, or edge cases not anticipated by the developer. Exploitation typically occurs when an adversary submits crafted payloads that evade the restricted set, allowing unauthorized commands, code execution, or data injection to proceed unchecked. To mitigate this risk, developers should abandon blacklisting in favor of whitelisting, which permits only explicitly verified and safe inputs. Additionally, implementing robust input sanitization and normalization processes ensures that diverse attack vectors are neutralized before processing, thereby closing the gaps left by incomplete disallowed lists and significantly strengthening the application’s security posture against injection-based threats.

MITRE CWE Description
The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.
Common Consequences (1)
Access Control: Bypass Protection Mechanism
Attackers may be able to find other malicious inputs that were not expected by the developer, allowing them to bypass the intended protection mechanism.
Mitigations (1)
Implementation: Do not rely exclusively on detecting disallowed inputs. There are too many variants to encode a character, especially when different environments are used, so there is a high likelihood of missing some variants. Only use detection of disallowed inputs as a mechanism for detecting suspicious activity. Ensure that you are using other protection mechanisms that only identify "good" input - such as …
Examples (2)
The following code attempts to stop XSS attacks by removing all occurrences of "script" in an input string.

    public String removeScriptTags(String input, String mask) {
        // Denylist: a single pass strips the literal substring "script"; nothing else is checked.
        return input.replaceAll("script", mask);
    }

Bad · Java
This example takes user input, passes it through an encoding scheme, then lists the contents of the user's home directory based on the user name.
    sub GetUntrustedInput {
        return($ARGV[0]);    # first command-line argument, fully user-controlled
    }

    sub encode {
        # HTML entity encoding only: neutralizes markup characters, not shell metacharacters
        my($str) = @_;
        $str =~ s/\&/\&amp;/gs;
        $str =~ s/\"/\&quot;/gs;
        $str =~ s/\'/\&apos;/gs;
        $str =~ s/\</\&lt;/gs;
        $str =~ s/\>/\&gt;/gs;
        return($str);
    }

    sub doit {
        my $uname = encode(GetUntrustedInput("username"));
        print "<b>Welcome, $uname!</b><p>\n";        # HTML sink: the encoding fits this context
        system("cd /home/$uname; /bin/ls -l");       # shell sink: the same encoding does not
    }

Bad · Perl

Attack input: ' pwd
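Added example (not code from the MITRE entry or from this page): the Java denylist ported to Python, next to the allowlist-plus-contextual-encoding approach the Mitigations entry calls for, applied to the Perl example's username before it reaches either the HTML or the shell sink. The username policy (POSIX-style login names), the fixed-point check and the default name are assumptions made here.

```python
import html
import re
import subprocess

# The page's Java denylist, ported to Python: strips the literal substring "script".
def remove_script_tags(value: str, mask: str = "") -> str:
    return value.replace("script", mask)

# A stripping filter is only trustworthy if its output is a fixed point:
# if filtering the output again changes it, the first pass left a disallowed
# fragment behind, which is the usual sign of an incomplete denylist.
def denylist_is_stable(value: str, filt) -> bool:
    once = filt(value)
    return filt(once) == once

# Allowlist for the Perl example's username (assumed policy: POSIX-style login
# names, lowercase, at most 32 characters). Anything else is rejected outright.
USERNAME_RE = re.compile(r"[a-z_][a-z0-9_-]{0,31}")

def username_allowed(value: str) -> bool:
    return USERNAME_RE.fullmatch(value) is not None

def validate_username(value: str) -> str:
    if not username_allowed(value):
        raise ValueError("username rejected by allowlist")
    return value

# Shell sink: pass argv directly instead of a command string through a shell,
# so the allowlist is a second line of defence rather than the only one.
def list_home_command(username: str) -> list:
    return ["/bin/ls", "-l", "/home/" + validate_username(username)]

# HTML sink: contextual output encoding, the job the Perl encode() was doing.
def welcome_html(username: str) -> str:
    return "<b>Welcome, %s!</b>" % html.escape(validate_username(username), quote=True)

if __name__ == "__main__":
    import sys
    name = sys.argv[1] if len(sys.argv) > 1 else "alice"   # constructed default
    print(welcome_html(name))
    subprocess.run(list_home_command(name), check=False)
```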
CVE ID | Title | Product | CVSS | Severity | Published
CVE-2026-31993 | OpenClaw < 2026.2.22 - Allowlist Parsing Mismatch in system.run Shell Chains | OpenClaw | 4.8 | Medium | 2026-03-19
CVE-2026-31992 | OpenClaw < 2026.2.23 - Allowlist Exec-Guard Bypass via env -S | OpenClaw | 7.1 | High | 2026-03-19
CVE-2026-22175 | OpenClaw < 2026.2.23 - Exec Approval Bypass via Unrecognized Multiplexer Shell Wrappers | OpenClaw | 7.1 | High | 2026-03-18
CVE-2026-32128 | FastGPT Python Sandbox Bypass of File-Write Restriction | FastGPT | 6.3 | Medium | 2026-03-11
CVE-2026-28363 | OpenClaw Security Vulnerability | OpenClaw | 9.9 | Critical | 2026-02-27
CVE-2026-1773 | Hitachi Energy RTU500 Security Vulnerability | RTU500 series CMU firmware | 7.5 (AI) | High (AI) | 2026-02-24
CVE-2026-22609 | Fickling has Static Analysis Bypass via Incomplete Dangerous Module Blocklist | fickling | 9.8 | - | 2026-01-10
CVE-2026-22608 | Fickling vulnerable to use of ctypes and pydoc gadget chain to bypass detection | fickling | 9.8 | - | 2026-01-10
CVE-2026-22607 | Fickling Blocklist Bypass: cProfile.run() | fickling | 9.8 | - | 2026-01-10
CVE-2026-22606 | Fickling has a bypass via runpy.run_path() and runpy.run_module() | fickling | 9.8 | - | 2026-01-10
CVE-2025-69277 | libsodium Security Vulnerability | libsodium | 4.5 | Medium | 2025-12-31
CVE-2025-67748 | Fickling has Code Injection vulnerability via pty.spawn() | fickling | 9.1 (AI) | Critical (AI) | 2025-12-16
CVE-2025-67747 | Fickling has missing detection for marshal.loads and types.FunctionType in unsafe modules list | fickling | 8.4 (AI) | High (AI) | 2025-12-16
CVE-2025-67716 | Auth0 Next.js SDK has Improper Validation of Query Parameters | nextjs-auth0 | 5.7 | Medium | 2025-12-11
CVE-2025-61924 | PrestaShop Checkout Target PayPal merchant account hijacking from backoffice | ps_checkout | 3.8 | Low | 2025-10-16
CVE-2025-48732 | WWBN AVideo Security Vulnerability | AVideo | 7.3 | High | 2025-07-24
CVE-2025-24388 | Unsafe handling of AJAX calls | OTRS | 3.8 | Low | 2025-06-16
CVE-2025-1484 | Hitachi Asset Suite Security Vulnerability | Asset Suite | 6.5 | Medium | 2025-05-30
CVE-2025-46417 | picklescan Security Vulnerability | Picklescan | 9.1 | - | 2025-04-24
CVE-2025-29822 | Microsoft OneNote Security Feature Bypass Vulnerability | Microsoft 365 Apps for Enterprise | 7.8 | High | 2025-04-08
CVE-2025-1716 | picklescan - Security scanning bypass via 'pip main' | picklescan | 8.1 | - | 2025-02-26
CVE-2024-54149 | Winter CMS Modules allows a sandbox bypass in Twig templates leading to data modification and deletion | winter | 8.5 | High | 2024-12-09
CVE-2024-32152 | Ankitects Anki Security Vulnerability | Anki | 3.1 | Low | 2024-07-22
CVE-2024-5217 | Incomplete Input Validation in GlideExpression Script | Now Platform | 9.8 | Critical | 2024-07-10
CVE-2024-5178 | Incomplete Input Validation in SecurelyAccess API | Now Platform | 4.9 | Medium | 2024-07-10
CVE-2024-30103 | Microsoft Outlook Remote Code Execution Vulnerability | Microsoft Office 2019 | 8.8 | High | 2024-06-11
CVE-2024-20278 | Cisco IOS XE Software Security Vulnerability | Cisco IOS XE Software | 6.5 | Medium | 2024-03-27
CVE-2024-28246 | KaTeX is missing normalization of the protocol in URLs allows bypassing forbidden protocols | KaTeX | 5.5 | Medium | 2024-03-25
CVE-2023-45593 | AiLux imx6 Security Vulnerability | imx6 bundle | 6.8 | Medium | 2024-03-05
CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | babel | 9.4 | Critical | 2023-10-12

Scores and severities marked (AI) carried an "AI" tag on the original listing; "-" means no severity was listed.

Vulnerabilities classified as CWE-184 (Incomplete Blacklist) represent 86 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.