CWE-148: Improper Neutralization of Input Leaders
The product does not properly handle when a leading character or sequence ("leader") is missing or malformed, or if multiple leaders are used when only one should be allowed.
Last updated
Overview
CWE-148 (Improper Neutralization of Input Leaders) is a variant-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Real-world CVEs
2 recorded CVEs are caused by CWE-148 (Improper Neutralization of Input Leaders). The highest-severity and most recent are shown first. 1 new CWE-148 CVE has been recorded so far in 2026.
Common consequences
What can happen when CWE-148 is exploited.
Unexpected State
Affects: Integrity