CWE-237— Improper Handling of Structural Elements
The product does not handle or incorrectly handles inputs that are related to complex structures.— MITRE CWE catalog
4 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-237page 1 of 1
- CVE-2023-34429HIGHCVSS 7.5EG 7.52023-07-19
Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token.
- CVE-2023-6110MEDIUMCVSS 5.5EG 5.52024-11-17
A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.
- CVE-2025-24336LOWCVSS 3.3EG 3.32025-01-31
SXF Common Library handles input data improperly. If a product using the library reads a crafted file, the product may be crashed.
- CVE-2026-45411CRITICALCVSS 9.8EG 9.82026-05-13
vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.3, it is possible to catch a host exception using the yield* expression inside an async generator. When the generator is closed using the return function, the value is awaited on …
Map vulnerabilities like CWE-237 to your infrastructure
EchelonGraph correlates every CVE — across CWE-237 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →