Log in
The product invokes a generative AI/ML component whose behaviors and outputs cannot be directly controlled, but the product does not validate or insufficiently validates the outputs to ensure that they align with the intended security, content, or privacy policy.
Last updated
CWE-1426 (Improper Validation of Generative AI Output) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
2 recorded CVEs are caused by CWE-1426 (Improper Validation of Generative AI Output). The highest-severity and most recent are shown first. 0 new CWE-1426 CVEs have been recorded so far in 2026 (2 in 2025).
What can happen when CWE-1426 is exploited.
Execute Unauthorized Code or Commands, Varies by Context
Affects: Integrity
[object Object]
Typically introduced during these phases of the software lifecycle.
Technologies
Practical mitigations for CWE-1426, grouped by where in the lifecycle they apply.
Since the output from a generative AI component (such as an LLM) cannot be trusted, ensure that it operates in an untrusted or non-privileged space.
Use "semantic comparators," which are mechanisms that provide semantic comparison to identify objects that might appear different but are semantically similar.
Use components that operate externally to the system to monitor the output and act as a moderator. These components are called different terms, such as supervisors or guardrails.
During model training, use an appropriate variety of good and bad examples to guide preferred outputs.
Use known techniques for prompt injection and other attacks, and adjust the attacks to be more specific to the model or system.
Use known techniques for prompt injection and other attacks, and adjust the attacks to be more specific to the model or system.
Review of the product design can be effective, but it works best in conjunction with dynamic analysis.
Real CVEs that MITRE cites as examples of this weakness.
Common questions about CWE-1426.
The product invokes a generative AI/ML component whose behaviors and outputs cannot be directly controlled, but the product does not validate or insufficiently validates the outputs to ensure that they align with the intended security, content, or privacy policy.
2 recorded CVEs are attributed to CWE-1426, including CVE-2025-55074, CVE-2025-31363.
Since the output from a generative AI component (such as an LLM) cannot be trusted, ensure that it operates in an untrusted or non-privileged space.
Dynamic Analysis with Manual Results Interpretation: Use known techniques for prompt injection and other attacks, and adjust the attacks to be more specific to the model or system.
Exploiting CWE-1426 can lead to: Execute Unauthorized Code or Commands, Varies by Context.
2 recorded CVEs are caused by CWE-1426; none are currently in CISA's KEV catalog of actively exploited flaws.
Weakness data is sourced from the MITRE CWE catalog (v4.20). CVE associations are aggregated and kept current by RadicalNotion.AI.
Get alerted the moment a new CWE-1426 vulnerability affects your stack, with AI-written analysis, severity context, and remediation guidance.