Cwe 94

🧬 CWE Related 84
slug: cwe-94

Explanation

CWE-94は「攻撃者が送ったデータが、プログラムコードとして解釈・実行されてしまう」欠陥です。 Pythonの `eval()`・PHPの `eval()`/`include()` にユーザー入力を渡すような実装が典型例です。 リモートコード実行 (RCE) の直接的な原因となるため、最も重大なクラスの脆弱性です。
📌 Example
Log4Shell (CVE-2021-44228) はLog4jのJNDI Lookupを悪用したコードインジェクションで、世界中のJavaサーバーが数日でハッキングされた。

🔖 Related tags

🛡 Vulnerabilities tagged with this 657

ID Title
CVE-2026-45558 Vulnerability in c (CVE-2026-45558)
CVE-2026-47906 Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third...
CVE-2026-45583 Code Injection in microsoft (CVE-2026-45583)
CVE-2026-0414 Code Injection in netgear (CVE-2026-0414)
CVE-2026-47292 Code Injection in microsoft (CVE-2026-47292)
CVE-2017-20251 Code Injection in wordpress (CVE-2017-20251)
CVE-2026-8795 Vulnerability in CVE-2026-8795 (CVE-2026-8795)
CVE-2026-11688 Code Injection in google (CVE-2026-11688)
CVE-2026-11393 Code Injection in Amazon aws (CVE-2026-11393)
CVE-2026-52778 Code Injection in dos (CVE-2026-52778)
CVE-2026-42890 Code Injection in actual (CVE-2026-42890)
CVE-2026-25856 Code Injection in c (CVE-2026-25856)
CVE-2026-11534 Cross-Site Scripting (XSS) in CVE-2026-11534 (CVE-2026-11534)
CVE-2026-11518 Cross-Site Scripting (XSS) in CVE-2026-11518 (CVE-2026-11518)
CVE-2026-11520 Cross-Site Scripting (XSS) in CVE-2026-11520 (CVE-2026-11520)
CVE-2026-11512 Cross-Site Scripting (XSS) in CVE-2026-11512 (CVE-2026-11512)
CVE-2026-11491 Cross-Site Scripting (XSS) in CVE-2026-11491 (CVE-2026-11491)
CVE-2026-11468 Cross-Site Scripting (XSS) in CVE-2026-11468 (CVE-2026-11468)
CVE-2026-11436 Cross-Site Scripting (XSS) in CVE-2026-11436 (CVE-2026-11436)
CVE-2026-11434 Cross-Site Scripting (XSS) in CVE-2026-11434 (CVE-2026-11434)
CVE-2026-11429 Path Traversal in path-traversal (CVE-2026-11429)
CVE-2026-49493 Code Injection in CVE-2026-49493 (CVE-2026-49493)
CVE-2026-11338 Cross-Site Scripting (XSS) in CVE-2026-11338 (CVE-2026-11338)
CVE-2026-11337 Cross-Site Scripting (XSS) in CVE-2026-11337 (CVE-2026-11337)
CVE-2026-48017 Code Injection in dbgate-api (CVE-2026-48017)
CVE-2026-11231 Code Injection in google (CVE-2026-11231)
CVE-2026-11218 Vulnerability in google (CVE-2026-11218)
CVE-2026-11157 Code Injection in google (CVE-2026-11157)
CVE-2026-10928 Code Injection in google (CVE-2026-10928)
CVE-2026-10904 Vulnerability in google (CVE-2026-10904)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →