CWE-573— Improper Following of Specification by Caller
The product does not follow or incorrectly follows the specifications as required by the implementation language, environment, framework, protocol, or platform.— MITRE CWE catalog
7 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-573page 1 of 1
- CVE-2019-14829MEDIUMCVSS 4.3EG 4.32021-03-19
A vulnerability was found in Moodle affection 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions where activity creation capabilities were not correctly respected when selecting the activity to use for a course in si…
- CVE-2025-21601HIGHCVSS 7.5EG 7.52025-04-09
An Improper Following of Specification by Caller vulnerability in web management (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) of Juniper Networks Junos OS on SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series, allo…
- CVE-2025-46330LOWCVSS 3.3EG 3.32025-04-29
libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, incorrectly treat malformed requests that caused the HTTP response status code 400, as able to be retried. This could hang the applicati…
- CVE-2025-69202MEDIUMCVSS 6.5EG 6.52025-12-29
Axios Cache Interceptor is a cache interceptor for axios. Prior to version 1.11.1, when a server calls an upstream service using different auth tokens, axios-cache-interceptor returns incorrect cached responses, leading to authorization by…
- CVE-2026-28498HIGHCVSS 7.5EG 7.52026-03-16
Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a library-level vulnerability was identified in the Authlib Python library concerning the validation of OpenID Connect (OIDC) ID Tokens. Spe…
- CVE-2026-41583CRITICALCVSS 9.1EG 9.12026-05-08
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-script version 5.0.2, after a refactoring, Zebra failed to validate a consensus rule that restricted the possible values of sighash hash types…
- CVE-2026-59998MEDIUMCVSS 6.5EG 4.82026-07-08
sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory.
Map vulnerabilities like CWE-573 to your infrastructure
EchelonGraph correlates every CVE — across CWE-573 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →