CVE-2026-34712: Ignored Sanitization Result
Provally Curated · Public repository · High · Medium confidence · Verified · Apache-2.0 · Rust · β

greprules fetch cve-2026-34712-ignored-sanitization-result --engine opengrep

Description
The result of a sanitization, normalization, or escaping function is being assigned to an ignored variable (prefixed with `_`). This typically means the function is mistakenly treated only as a validator. By ignoring the transformed return value, the original unsanitized data continues to be used, bypassing the sanitization defense.
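
The pattern described above, shown beside its corrected form. This is an added example, not code from the rule or from the project affected by the CVE; `escape_html`, `render_ignored` and `render_fixed` are hypothetical names and the sample input is constructed.

```rust
// Added illustration: all function names here are hypothetical.

/// Escapes HTML-significant characters and returns a NEW string.
/// The argument is never modified, so the caller must use the return value.
#[must_use = "the escaped string is the return value; the input is unchanged"]
fn escape_html(input: &str) -> String {
    let mut out = String::with_capacity(input.len());
    for c in input.chars() {
        match c {
            '&' => out.push_str("&amp;"),
            '<' => out.push_str("&lt;"),
            '>' => out.push_str("&gt;"),
            '"' => out.push_str("&quot;"),
            '\'' => out.push_str("&#x27;"),
            _ => out.push(c),
        }
    }
    out
}

/// Flagged pattern: the sanitized value is bound to `_escaped` and dropped,
/// so the raw comment is what gets interpolated into the output.
fn render_ignored(comment: &str) -> String {
    let _escaped = escape_html(comment);
    format!("<p>{}</p>", comment)
}

/// Corrected form: the transformed value replaces the raw one.
fn render_fixed(comment: &str) -> String {
    let escaped = escape_html(comment);
    format!("<p>{}</p>", escaped)
}

fn main() {
    let comment = "<b>hi</b> & bye"; // constructed sample input
    println!("ignored: {}", render_ignored(comment));
    println!("fixed:   {}", render_fixed(comment));
}
```

Neither `#[must_use]` nor the `unused_variables` lint reports `render_ignored`: binding the result to an underscore-prefixed name satisfies both, which is why this pattern needs a dedicated static-analysis rule.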