Base · Draft

CWE-625: Permissive Regular Expression

Category: other

Description

The product uses a regular expression that does not sufficiently restrict the set of allowed values.

Common consequences· 1

  • Access Control — Bypass Protection Mechanism

Potential mitigations· 1

  • [Implementation] When applicable, ensure that the regular expression marks beginning and ending string patterns, such as "/^string$/" for Perl.
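The following is an added example, not part of the MITRE entry. It compares an unanchored pattern with anchored forms, and goes slightly beyond the mitigation text by showing that `^...$` still accepts a trailing newline (true in Python as in Perl) and that multiline mode weakens the anchors. The pattern, function names and sample inputs are constructed for illustration.

```python
import re

# Hypothetical allow-list rule: 1-16 lowercase letters or digits.
PATTERN = r"[a-z0-9]{1,16}"

def permissive(value: str) -> bool:
    # CWE-625: an unanchored search accepts any string that merely
    # CONTAINS an allowed substring.
    return re.search(PATTERN, value) is not None

def dollar_anchored(value: str) -> bool:
    # The mitigation's /^string$/ form. `$` also matches just before
    # a single trailing newline, so "build01\n" is still accepted.
    return re.search(rf"^{PATTERN}$", value) is not None

def multiline_anchored(value: str) -> bool:
    # With re.MULTILINE, ^ and $ match at every line boundary, so one
    # valid line anywhere in the input is enough to pass.
    return re.search(rf"^{PATTERN}$", value, re.MULTILINE) is not None

def strict(value: str) -> bool:
    # fullmatch requires the entire string, with no trailing newline,
    # to match the pattern (equivalent to \A...\Z in Python).
    return re.fullmatch(PATTERN, value) is not None

# Constructed sample inputs.
SAMPLES = ["build01", "build01; extra", "../build01",
           "build01\n", "bad value!\nbuild01", ""]

def compare(samples=SAMPLES):
    """Return {input: {validator name: accepted?}} for each sample."""
    checks = (permissive, dollar_anchored, multiline_anchored, strict)
    return {s: {c.__name__: c(s) for c in checks} for s in samples}

if __name__ == "__main__":
    for sample, result in compare().items():
        accepted = [name for name, ok in result.items() if ok]
        print(f"{sample!r:24} accepted by: {accepted}")
```

Only `strict` limits acceptance to the intended value set; the other three each accept at least one input outside it.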

References

  1. https://cwe.mitre.org/data/definitions/625.html

(incoming) 1

Type | Target | Confidence | Tier
Vulnerability | CVE-2026-32973 (cve-2026-32973) | 0% | live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Incorrect Regular Expression
  • CWE: Improper Validation of Unsafe Equivalence in Input
  • CWE: Numeric Range Comparison Without Minimum Check
  • CWE: Inefficient Regular Expression Complexity
  • CWE: Improper Input Validation
  • CWE: Improper Validation of Specified Type of Input

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.