The product does not adequately filter user-controlled input for special elements with control implications.

What CVEs are caused by CWE-75?

30 recorded CVEs are attributed to CWE-75, including CVE-2025-50213, CVE-2024-39227, CVE-2024-39243.

How do you prevent CWE-75?

Programming languages and supporting technologies might be chosen which are not subject to these issues.

What are the consequences of CWE-75?

Exploiting CWE-75 can lead to: Modify Application Data, Execute Unauthorized Code or Commands.

Is CWE-75 actively exploited?

30 recorded CVEs are caused by CWE-75; none are currently in CISA's KEV catalog of actively exploited flaws.

CWE-75: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)

CVE-2024-35373

CWE-75: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to prevent it

Terminology & mappings

Mapped taxonomies

Attack patterns

Frequently asked questions

What is CWE-75?

What CVEs are caused by CWE-75?

How do you prevent CWE-75?

What are the consequences of CWE-75?

Is CWE-75 actively exploited?

References

Stay ahead of CWE-75

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

How to prevent it

Related weaknesses

Parent

Child

Terminology & mappings

Mapped taxonomies

Attack patterns

Frequently asked questions

What is CWE-75?

What CVEs are caused by CWE-75?

How do you prevent CWE-75?

What are the consequences of CWE-75?

Is CWE-75 actively exploited?

References

Stay ahead of CWE-75