CWE-794: Incomplete Filtering of Multiple Instances of Special Elements
The product receives data from an upstream component, but does not filter all instances of a special element before sending it to a downstream component.
Last updated
Overview
Incomplete filtering of this nature may be applied to: sequential elements (special elements that appear next to each other) or non-sequential elements (special elements that appear multiple times in different locations).
Real-world CVEs
4 recorded CVEs are caused by CWE-794 (Incomplete Filtering of Multiple Instances of Special Elements). The highest-severity and most recent are shown first. 1 new CWE-794 CVE has been recorded so far in 2026.