CWE-1289: Improper Validation of Unsafe Equivalence in Input
low-riskThe product receives an input value that is used as a resource identifier or other type of reference, but it does not validate or incorrectly validates that the input is equivalent to a potentially-unsafe value.
Abstraction: Base
Common Consequences
Other
→
Varies by Context
Real-World Examples (10)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2024-45179 | 7.2 | 1.2% | — |
| CVE-2022-0675 | 5.6 | 0.5% | — |
| CVE-2026-33496 | 8.1 | 0.2% | — |
| CVE-2026-33515 | 6.5 | 0.2% | — |
| CVE-2024-42219 | 7.8 | 0.2% | — |
| CVE-2024-12224 | 8.8 | 0.2% | — |
| CVE-2024-45308 | 6.5 | 0.1% | — |
| CVE-2026-22569 | 5.4 | 0.1% | — |
| CVE-2026-27610 | 5.3 | 0.1% | — |
| CVE-2026-3563 | 5.5 | 0.1% | — |
0
/ 100
low-risk
Active Threat
0/50 · Minimal
Exploit Availability
0/50 · Minimal