CWE•Base•Incomplete•16 recent CVEs
CWE-178Improper Handling of Case Sensitivity
Description
The product does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results.
[object Object]
Common consequences
- Access Control→Bypass Protection Mechanism
Potential mitigations
- Architecture and DesignAvoid making decisions based on names of resources (e.g. files) if those resources can have alternate names.
- Implementation[object Object]
- ImplementationInputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
Related CWEs
Recent CVEs classified under this CWE
CVE-2026-463928.72026-06-05CVE-2026-84043.12026-06-03CVE-2026-485952026-06-02CVE-2026-443672.72026-06-02CVE-2026-473239.82026-05-19CVE-2026-435137.52026-05-12CVE-2026-422732026-05-08CVE-2026-422722026-05-08CVE-2026-38336.52026-04-30CVE-2026-404539.92026-04-27CVE-2026-226658.12026-04-03CVE-2026-336916.82026-04-02CVE-2026-282929.82026-03-10CVE-2026-278967.52026-02-26CVE-2023-462186.52023-12-07CVE-2007-33657.52007-06-22