Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Tag: cwe-77 Clear
ID Title
CVE-2026-15033 Command Injection in CVE-2026-15033 (CVE-2026-15033)
command injection in CVE-2026-15033 (CVE-2026-15033). Risk of unauthorized operations or information disclosure.
CVE-2026-14802 A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the...
A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the...
CVE-2026-9834 Command Injection in wordpress (CVE-2026-9834)
command injection in wordpress (CVE-2026-9834). Successful exploitation can lead to full system takeover. Exploitable via ``wp_db_exclude_table``.
CVE-2026-13501 Vulnerability in c (CVE-2026-13501)
vulnerability in c (CVE-2026-13501). Risk of unauthorized operations or information disclosure.
CVE-2026-38714 Command Injection in inhandnetworks (CVE-2026-38714)
command injection in inhandnetworks (CVE-2026-38714). Successful exploitation can lead to full system takeover.
CVE-2026-38716 Command Injection in inhandnetworks (CVE-2026-38716)
command injection in inhandnetworks (CVE-2026-38716). Successful exploitation can lead to full system takeover.
CVE-2026-54090 Command Injection in github.com/filebrowser/filebrowser/v2 (CVE-2026-54090)
command injection in github.com/filebrowser/filebrowser/v2 (CVE-2026-54090). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/login`. Mitigation: upgrade to `2.33.10` or later.
CVE-2026-46529 Command Injection in c (CVE-2026-46529)
command injection in c (CVE-2026-46529). Successful exploitation can lead to full system takeover. Exploitable via ``g_shell_quote``. Mitigation: upgrade to `1.6.2` or later.
CVE-2026-45558 Vulnerability in c (CVE-2026-45558)
vulnerability in c (CVE-2026-45558). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/service/haproxy/`.
CVE-2026-47242 Command Injection in net-imap (CVE-2026-47242)
command injection in net-imap (CVE-2026-47242). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.5.15` or later.
CVE-2026-47240 Command Injection in net-imap (CVE-2026-47240)
command injection in net-imap (CVE-2026-47240). Risk of unauthorized operations or information disclosure. Exploitable via ``IMAP4rev2``. Mitigation: upgrade to `0.5.15` or later.
CVE-2026-9277 Command Injection in shell-quote (CVE-2026-9277)
command injection in shell-quote (CVE-2026-9277). Successful exploitation can lead to full system takeover. Exploitable via ``envFn``. Mitigation: upgrade to `1.8.4` or later.
CVE-2026-11408 Command Injection in CVE-2026-11408 (CVE-2026-11408)
command injection in CVE-2026-11408 (CVE-2026-11408). Risk of unauthorized operations or information disclosure.
CVE-2026-11339 Vulnerability in c (CVE-2026-11339)
vulnerability in c (CVE-2026-11339). Risk of unauthorized operations or information disclosure.
CVE-2026-10550 Vulnerability in CVE-2026-10550 (CVE-2026-10550)
vulnerability in CVE-2026-10550 (CVE-2026-10550). Risk of unauthorized operations or information disclosure.
CVE-2024-52011 Command Injection in launch-editor (CVE-2024-52011)
command injection in launch-editor (CVE-2024-52011). Confidential information can be exposed externally. Exploitable via ``file``. Mitigation: upgrade to `2.9.0` or later.
CVE-2026-10273 Command Injection in CVE-2026-10273 (CVE-2026-10273)
command injection in CVE-2026-10273 (CVE-2026-10273). Risk of unauthorized operations or information disclosure.
CVE-2026-10182 Vulnerability in c (CVE-2026-10182)
vulnerability in c (CVE-2026-10182). Risk of unauthorized operations or information disclosure.
CVE-2026-45628 Vulnerability in c (CVE-2026-45628)
vulnerability in c (CVE-2026-45628). Confidential information can be exposed externally.
CVE-2025-69600 Command Injection in CVE-2025-69600 (CVE-2025-69600)
command injection in CVE-2025-69600 (CVE-2025-69600). Successful exploitation can lead to full system takeover.
CVE-2026-38945 Command Injection in CVE-2026-38945 (CVE-2026-38945)
command injection in CVE-2026-38945 (CVE-2026-38945). Successful exploitation can lead to full system takeover.
CVE-2026-48694 Command Injection in pavel-odintsov (CVE-2026-48694)
command injection in pavel-odintsov (CVE-2026-48694). Confidential information can be exposed externally.
CVE-2026-46368 Command Injection in c (CVE-2026-46368)
command injection in c (CVE-2026-46368). Successful exploitation can lead to full system takeover.
CVE-2026-8753 Vulnerability in CVE-2026-8753 (CVE-2026-8753)
vulnerability in CVE-2026-8753 (CVE-2026-8753). Risk of unauthorized operations or information disclosure.
CVE-2026-46508 Command Injection in vercel (CVE-2026-46508)
command injection in vercel (CVE-2026-46508). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.9.14000` or later.
CVE-2026-43990 Command Injection in c (CVE-2026-43990)
command injection in c (CVE-2026-43990). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.x.y-security-1` or later.
CVE-2026-42257 Command Injection in net-imap (CVE-2026-42257)
command injection in net-imap (CVE-2026-42257). Successful exploitation can lead to full system takeover. Exploitable via ``CRLF``. Mitigation: upgrade to `0.4.24` or later.
CVE-2026-42258 Command Injection in net-imap (CVE-2026-42258)
command injection in net-imap (CVE-2026-42258). Data can be tampered with by attackers. Exploitable via ``flag``. Mitigation: upgrade to `0.4.24` or later.
CVE-2026-8191 Command Injection in c (CVE-2026-8191)
command injection in c (CVE-2026-8191). Risk of unauthorized operations or information disclosure.
CVE-2026-41497 Command Injection in praison (CVE-2026-41497)
command injection in praison (CVE-2026-41497). Successful exploitation can lead to full system takeover. Exploitable via ``bash``. Mitigation: upgrade to `>= 4.6.9` or later.
CVE-2023-47268 Command Injection in cpp (CVE-2023-47268)
command injection in cpp (CVE-2023-47268). Risk of unauthorized operations or information disclosure.
CVE-2026-41501 Command Injection in electerm (CVE-2026-41501)
command injection in electerm (CVE-2026-41501). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `> 3.2.0` or later.
CVE-2026-41500 Command Injection in electerm-project (CVE-2026-41500)
command injection in electerm-project (CVE-2026-41500). Successful exploitation can lead to full system takeover. Exploitable via ``releaseInfo.name``. Mitigation: upgrade to `> 3.2.0` or later.
CVE-2026-30461 Command Injection in thedaylightstudio (CVE-2026-30461)
command injection in thedaylightstudio (CVE-2026-30461). Confidential information can be exposed externally.
CVE-2025-24293 Command Injection in CVE-2025-24293 (CVE-2025-24293)
command injection in CVE-2025-24293 (CVE-2025-24293). Successful exploitation can lead to full system takeover.
CVE-2016-10033 KEV [KEV] Command Injection in php (CVE-2016-10033)
command injection in php (CVE-2016-10033). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-52903 Vulnerability in github.com/filebrowser/filebrowser/v2 (CVE-2025-52903)
vulnerability in github.com/filebrowser/filebrowser/v2 (CVE-2025-52903). Successful exploitation can lead to full system takeover. Exploitable via ``find``. Mitigation: upgrade to `2.33.10` or later.
CVE-2025-25813 Command Injection in seacms (CVE-2025-25813)
command injection in seacms (CVE-2025-25813). Data can be tampered with by attackers.
CVE-2025-25802 Command Injection in seacms (CVE-2025-25802)
command injection in seacms (CVE-2025-25802). Data can be tampered with by attackers.
CVE-2025-25797 Command Injection in seacms (CVE-2025-25797)
command injection in seacms (CVE-2025-25797). Data can be tampered with by attackers.
CVE-2025-25796 Command Injection in seacms (CVE-2025-25796)
command injection in seacms (CVE-2025-25796). Data can be tampered with by attackers.
CVE-2025-25794 Command Injection in seacms (CVE-2025-25794)
command injection in seacms (CVE-2025-25794). Data can be tampered with by attackers.
CVE-2025-25793 Command Injection in seacms (CVE-2025-25793)
command injection in seacms (CVE-2025-25793). Data can be tampered with by attackers.
CVE-2025-25792 Command Injection in seacms (CVE-2025-25792)
command injection in seacms (CVE-2025-25792). Risk of unauthorized operations or information disclosure.
CVE-2024-44570 Command Injection in relyum (CVE-2024-44570)
command injection in relyum (CVE-2024-44570). Successful exploitation can lead to full system takeover.
CVE-2024-44916 Command Injection in seacms (CVE-2024-44916)
command injection in seacms (CVE-2024-44916). Successful exploitation can lead to full system takeover.
CVE-2024-3566 Command Injection in node (CVE-2024-3566)
command injection in node (CVE-2024-3566). Successful exploitation can lead to full system takeover. Exploitable via ``cmd.exe``. Mitigation: upgrade to `18.19.0` or later.
CVE-2023-39809 Command Injection in nvki (CVE-2023-39809)
command injection in nvki (CVE-2023-39809). Successful exploitation can lead to full system takeover.
CVE-2014-1203 Command Injection in eyou (CVE-2014-1203)
command injection in eyou (CVE-2014-1203). Successful exploitation can lead to full system takeover.
CVE-2014-3741 Command Injection in node-printer-project (CVE-2014-3741)
command injection in node-printer-project (CVE-2014-3741). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →