Cwe 94

🧬 CWE Related 84
slug: cwe-94

Explanation

CWE-94は「攻撃者が送ったデータが、プログラムコードとして解釈・実行されてしまう」欠陥です。 Pythonの `eval()`・PHPの `eval()`/`include()` にユーザー入力を渡すような実装が典型例です。 リモートコード実行 (RCE) の直接的な原因となるため、最も重大なクラスの脆弱性です。
📌 Example
Log4Shell (CVE-2021-44228) はLog4jのJNDI Lookupを悪用したコードインジェクションで、世界中のJavaサーバーが数日でハッキングされた。

🔖 Related tags

🛡 Vulnerabilities tagged with this 657

ID Title
CVE-2026-45495 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2026-45719 Code Injection in @budibase/server (CVE-2026-45719)
CVE-2026-45697 Vulnerability in verbb/formie (CVE-2026-45697)
CVE-2026-45829 Code Injection in chromadb (CVE-2026-45829)
CVE-2026-6902 Code Injection in CVE-2026-6902 (CVE-2026-6902)
CVE-2018-25320 Code Injection in CVE-2018-25320 (CVE-2018-25320)
CVE-2021-47952 Code Injection in deserialization (CVE-2021-47952)
CVE-2025-67031 Code Injection in CVE-2025-67031 (CVE-2025-67031)
CVE-2021-47964 Schlix CMS 2.2.6-6 contains a remote code execution vulnerability that allows authenticated...
CVE-2026-44717 Code Injection in CVE-2026-44717 (CVE-2026-44717)
CVE-2026-41258 Code Injection in org.openmrs.api:openmrs-api (CVE-2026-41258)
CVE-2026-35194 Code Injection in flink (CVE-2026-35194)
CVE-2026-39052 Code Injection in CVE-2026-39052 (CVE-2026-39052)
CVE-2026-8634 Code Injection in github.com/openclaw/crabbox (CVE-2026-8634)
CVE-2026-8539 Code Injection in google (CVE-2026-8539)
CVE-2026-45353 Code Injection in electerm (CVE-2026-45353)
CVE-2026-45374 Code Injection in deepseek-tui (CVE-2026-45374)
CVE-2026-45311 Code Injection in deepseek-tui (CVE-2026-45311)
CVE-2026-45058 Vulnerability in electerm (CVE-2026-45058)
CVE-2026-44586 Cross-Site Scripting (XSS) in CVE-2026-44586 (CVE-2026-44586)
CVE-2025-15024 Code Injection in CVE-2025-15024 (CVE-2025-15024)
CVE-2026-42555 Code Injection in com.ritense.valtimo:document (CVE-2026-42555)
CVE-2025-69443 Code Injection in CVE-2025-69443 (CVE-2025-69443)
CVE-2026-44482 Vulnerability in CVE-2026-44482 (CVE-2026-44482)
CVE-2026-46442 Code Injection in flowise (CVE-2026-46442)
CVE-2026-41249 Code Injection in coreshop/core-shop (CVE-2026-41249)
CVE-2025-12669 Code Injection in gitlab (CVE-2025-12669)
CVE-2026-45714 Code Injection in CVE-2026-45714 (CVE-2026-45714)
CVE-2026-45708 Code Injection in CVE-2026-45708 (CVE-2026-45708)
CVE-2026-44377 Code Injection in CVE-2026-44377 (CVE-2026-44377)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →