CWE-156: Improper Neutralization of Whitespace
low-riskThe product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as whitespace when they are sent to a downstream component.
Abstraction: Variant
Common Consequences
Integrity
→
Unexpected State
Real-World Examples (5)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2025-55000 | 6.5 | 0.0% | — |
| CVE-2025-6014 | 6.5 | 0.0% | — |
| CVE-2025-6013 | 6.5 | 0.0% | — |
| CVE-2025-55001 | 6.5 | 0.0% | — |
| CVE-2025-55127 | 5.4 | 0.0% | — |
0
/ 100
low-risk
Active Threat
0/50 · Minimal
Exploit Availability
0/50 · Minimal