4 vulnerabilities classified as CWE-573 (调用者对规范的不恰当使用). AI Chinese analysis included.
CWE-573 represents a critical implementation flaw where software fails to adhere to the prescribed specifications of its underlying environment, framework, or external API. This weakness typically arises when developers incorrectly invoke external functionality, ignoring mandatory parameters, data formats, or security protocols required by the interface. Attackers exploit these deviations by crafting malicious inputs that trigger unintended behaviors, potentially leading to data corruption, privilege escalation, or system crashes. To mitigate this risk, developers must rigorously validate all inputs against strict schema definitions and employ robust error handling mechanisms. Adhering strictly to documented API contracts and utilizing static analysis tools to detect specification violations during the coding phase are essential practices. By ensuring that every call to external resources precisely matches the expected requirements, organizations can prevent the subtle logic errors that often serve as gateways for sophisticated cyberattacks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-41583 | ZEBRA: Consensus Divergence in Transparent Sighash Hash-Type Handling — zebra | 7.5AI | HighAI | 2026-05-08 |
| CVE-2025-69287 | BSV Blockchain SDK has an Authentication Signature Data Preparation Vulnerability — ts-sdk | 5.4 | Medium | 2026-02-18 |
| CVE-2025-46330 | Snowflake Connector for C/C++ retries malformed requests — libsnowflakeclient | 3.3 | Low | 2025-04-29 |
| CVE-2019-14829 | Moodle 安全漏洞 — Moodle | 4.3 | - | 2021-03-19 |
Vulnerabilities classified as CWE-573 (调用者对规范的不恰当使用) represent 4 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.