Cwe 94

🧬 CWE Related 84
slug: cwe-94

Explanation

CWE-94は「攻撃者が送ったデータが、プログラムコードとして解釈・実行されてしまう」欠陥です。 Pythonの `eval()`・PHPの `eval()`/`include()` にユーザー入力を渡すような実装が典型例です。 リモートコード実行 (RCE) の直接的な原因となるため、最も重大なクラスの脆弱性です。
📌 Example
Log4Shell (CVE-2021-44228) はLog4jのJNDI Lookupを悪用したコードインジェクションで、世界中のJavaサーバーが数日でハッキングされた。

🔖 Related tags

🛡 Vulnerabilities tagged with this 657

ID Title
CVE-2026-0236 Code Injection in CVE-2026-0236 (CVE-2026-0236)
CVE-2026-44005 Code Injection in vm2 (CVE-2026-44005)
CVE-2026-44006 Code Injection in vm2 (CVE-2026-44006)
CVE-2026-43997 Code Injection in vm2 (CVE-2026-43997)
CVE-2026-45136 OS Command Injection in claude-code-cache-fix (CVE-2026-45136)
CVE-2026-44672 Code Injection in org.mapfish.print:print-lib (CVE-2026-44672)
CVE-2026-43680 Code Injection in claris (CVE-2026-43680)
CVE-2026-42288 Code Injection in CVE-2026-42288 (CVE-2026-42288)
CVE-2025-15463 Code Injection in wordpress (CVE-2025-15463)
CVE-2026-44262 Code Injection in dedoc/scramble (CVE-2026-44262)
CVE-2026-44403 Code Injection in wftpserver (CVE-2026-44403)
CVE-2026-8429 Code Injection in CVE-2026-8429 (CVE-2026-8429)
CVE-2026-8430 Code Injection in nginx (CVE-2026-8430)
CVE-2026-42898 Code Injection in microsoft (CVE-2026-42898)
CVE-2026-41094 Code Injection in microsoft (CVE-2026-41094)
CVE-2026-31236 Code Injection in llm (CVE-2026-31236)
CVE-2026-31231 Code Injection in CVE-2026-31231 (CVE-2026-31231)
CVE-2026-31233 Code Injection in guardrails-ai (CVE-2026-31233)
CVE-2026-31230 Vulnerability in CVE-2026-31230 (CVE-2026-31230)
CVE-2026-43892 Cross-Site Scripting (XSS) in CVE-2026-43892 (CVE-2026-43892)
CVE-2025-65719 Code Injection in kubectl-mcp-server (CVE-2025-65719)
CVE-2026-31225 Code Injection in superduper-framework (CVE-2026-31225)
CVE-2026-31228 Code Injection in CVE-2026-31228 (CVE-2026-31228)
CVE-2026-31217 Code Injection in nebuly (CVE-2026-31217)
CVE-2026-31220 Code Injection in syft (CVE-2026-31220)
CVE-2026-44295 Code Injection in protobufjs-cli (CVE-2026-44295)
CVE-2026-44293 Code Injection in protobufjs (CVE-2026-44293)
CVE-2026-44291 Vulnerability in protobufjs (CVE-2026-44291)
CVE-2026-40129 Code Injection in CVE-2026-40129 (CVE-2026-40129)
CVE-2026-37630 Code Injection in CVE-2026-37630 (CVE-2026-37630)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →