CWE-167: Improper Handling of Additional Special Element
The product receives input from an upstream component, but it does not handle or incorrectly handles when an additional unexpected special element is provided.
Last updated
Overview
CWE-167 (Improper Handling of Additional Special Element) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Real-world CVEs
5 recorded CVEs are caused by CWE-167 (Improper Handling of Additional Special Element). The highest-severity and most recent are shown first. 0 new CWE-167 CVEs have been recorded so far in 2026 (2 in 2025).
- CVE-2025-30656
Junos OS: MX Series, SRX Series: Processing of specific SIP INVITE messages by the SIP ALG will lead to an FPC crash
High · CVSS 8.7 · EPSS 32th2025-04-09 - CVE-2023-4809
pf incorrectly handles multiple IPv6 fragment headers
High · CVSS 7.5 · EPSS 48th2023-09-06 - CVE-2023-0643Medium · CVSS 6.1 · EPSS 44th2023-02-02