CWE-144: Improper Neutralization of Line Delimiters
low-riskThe product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as line delimiters when they are sent to a downstream component.
Abstraction: Variant
Common Consequences
Integrity
→
Unexpected State
Real-World Examples (2)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2025-24367 | 8.8 | 90.5% | — |
| CVE-2023-39212 | 7.9 | 0.0% | — |
19
/ 100
low-risk
Active Threat
19/50 · Low
Exploit Availability
0/50 · Minimal