CWE · MITRE source
CWE-183Permissive List of Allowed Inputs
The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are explicitly allowed by policy because the inputs are assumed to be safe, but the list is too permissive - that is, it allows an input that is unsafe, leading to resultant weaknesses.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (0)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | |||
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2025-53762 | 1.8 | 8.7 | 0.0083 | 2025-07-18 |
CVE-2026-29514 | 1.8 | 8.8 | 0.0003 | 2026-05-04 |
CVE-2024-1654 | 1.7 | 7.2 | 0.0415 | 2024-03-14 |
CVE-2026-33979 | 1.6 | 8.2 | 0.0002 | 2026-03-27 |
CVE-2026-41387 | 1.6 | 7.8 | 0.0002 | 2026-04-28 |
CVE-2020-25696 | 1.5 | 7.5 | 0.0047 | 2020-11-23 |
CVE-2025-59457 | 1.5 | 7.7 | 0.0000 | 2025-09-17 |
CVE-2025-24349 | 1.4 | 7.1 | 0.0031 | 2025-04-30 |
CVE-2026-42043 | 1.4 | 7.2 | 0.0004 | 2026-04-24 |
CVE-2022-34450 | 1.3 | 6.7 | 0.0009 | 2023-02-11 |
CVE-2023-4399 | 1.3 | 6.6 | 0.0006 | 2023-10-17 |
CVE-2024-38522 | 1.3 | 6.3 | 0.0008 | 2024-06-28 |
CVE-2026-2302 | 1.3 | 6.5 | 0.0004 | 2026-02-10 |
CVE-2026-2303 | 1.3 | 6.5 | 0.0006 | 2026-02-10 |
CVE-2026-4509 | 1.3 | 6.3 | 0.0006 | 2026-03-21 |
CVE-2026-21915 | 1.3 | 6.7 | 0.0005 | 2026-04-09 |
CVE-2026-35649 | 1.3 | 6.5 | 0.0003 | 2026-04-10 |
CVE-2026-40899 | 1.3 | 6.5 | 0.0004 | 2026-04-16 |
CVE-2026-43574 | 1.3 | 6.5 | 0.0003 | 2026-05-05 |
CVE-2022-23158 | 1.2 | 6.0 | 0.0006 | 2022-04-01 |
CVE-2026-41240 | 1.2 | 6.1 | 0.0004 | 2026-04-23 |
CVE-2021-34787 | 1.1 | 5.3 | 0.0115 | 2021-10-27 |
CVE-2021-40128 | 1.1 | 5.3 | 0.0008 | 2021-11-04 |
CVE-2023-7250 | 1.1 | 5.3 | 0.0005 | 2024-03-18 |
CVE-2026-32881 | 1.1 | 5.3 | 0.0008 | 2026-03-20 |