threat
engine
.sh
Back
·
··:··
Home
/
CWE
/
Improper Neutralization of Delimiters
Weakness
Improper Neutralization of Delimiters
CWE-140 · Base · Draft
The product does not neutralize or incorrectly neutralizes delimiters.
△
Weakness Relationships
Where this weakness sits in the CWE hierarchy. Walk up to broader classes or down to more specific variants.
Parent of this (broader)
ChildOf
CWE-138 · Improper Neutralization of Special Elements
Children (more specific)
ParentOf
CWE-141 · Improper Neutralization of Parameter/Argument Delimiters
ParentOf
CWE-142 · Improper Neutralization of Value Delimiters
ParentOf
CWE-143 · Improper Neutralization of Record Delimiters
ParentOf
CWE-144 · Improper Neutralization of Line Delimiters
ParentOf
CWE-145 · Improper Neutralization of Section Delimiters
ParentOf
CWE-146 · Improper Neutralization of Expression/Command Delimiters
◆
Attack Patterns (CAPEC)
1
How adversaries exploit this weakness, per MITRE CAPEC.
CAPEC-15
Command Delimiters
⚠
CVEs With This Weakness
18
A sample of the 18 CVEs tagged with this weakness.
CVE
CVE-2026-33457
CVE
CVE-2026-33456
CVE
CVE-2026-33455
CVE
CVE-2026-21691
CVE
CVE-2025-52989
CVE
CVE-2025-48879
CVE
CVE-2025-47779
CVE
CVE-2025-32918
CVE
CVE-2024-6542
CVE
CVE-2024-42482
CVE
CVE-2024-42392
CVE
CVE-2024-42385
External lookups - second-class, for what we don’t hold ourselves
MITRE CWE
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin