Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-77 Clear
ID Title
CVE-2026-8230 Command Injection in wavlink (CVE-2026-8230)
command injection in wavlink (CVE-2026-8230). Risk of unauthorized operations or information disclosure.
CVE-2026-8217 Command Injection in CVE-2026-8217 (CVE-2026-8217)
command injection in CVE-2026-8217 (CVE-2026-8217). Risk of unauthorized operations or information disclosure.
CVE-2026-8210 Vulnerability in CVE-2026-8210 (CVE-2026-8210)
vulnerability in CVE-2026-8210 (CVE-2026-8210). Risk of unauthorized operations or information disclosure.
CVE-2026-42257 Command Injection in net-imap (CVE-2026-42257)
command injection in net-imap (CVE-2026-42257). Successful exploitation can lead to full system takeover. Exploitable via ``CRLF``. Mitigation: upgrade to `0.4.24` or later.
CVE-2026-42258 Command Injection in net-imap (CVE-2026-42258)
command injection in net-imap (CVE-2026-42258). Data can be tampered with by attackers. Exploitable via ``flag``. Mitigation: upgrade to `0.4.24` or later.
CVE-2026-8192 Command Injection in wavlink (CVE-2026-8192)
command injection in wavlink (CVE-2026-8192). Risk of unauthorized operations or information disclosure.
CVE-2026-8191 Command Injection in c (CVE-2026-8191)
command injection in c (CVE-2026-8191). Risk of unauthorized operations or information disclosure.
CVE-2026-8190 Command Injection in wavlink (CVE-2026-8190)
command injection in wavlink (CVE-2026-8190). Risk of unauthorized operations or information disclosure.
CVE-2026-8189 Command Injection in wavlink (CVE-2026-8189)
command injection in wavlink (CVE-2026-8189). Risk of unauthorized operations or information disclosure.
CVE-2026-8188 Command Injection in wavlink (CVE-2026-8188)
command injection in wavlink (CVE-2026-8188). Risk of unauthorized operations or information disclosure.
CVE-2026-20147 Command Injection in Cisco dos (CVE-2026-20147)
command injection in Cisco dos (CVE-2026-20147). Successful exploitation can lead to full system takeover.
CVE-2026-42453 Command Injection in CVE-2026-42453 (CVE-2026-42453)
command injection in CVE-2026-42453 (CVE-2026-42453). Risk of unauthorized operations or information disclosure.
CVE-2026-41497 Command Injection in praison (CVE-2026-41497)
command injection in praison (CVE-2026-41497). Successful exploitation can lead to full system takeover. Exploitable via ``bash``. Mitigation: upgrade to `>= 4.6.9` or later.
CVE-2024-30167 Command Injection in CVE-2024-30167 (CVE-2024-30167)
command injection in CVE-2024-30167 (CVE-2024-30167). Risk of unauthorized operations or information disclosure.
CVE-2024-45257 Command Injection in CVE-2024-45257 (CVE-2024-45257)
command injection in CVE-2024-45257 (CVE-2024-45257). Risk of unauthorized operations or information disclosure.
CVE-2023-47268 Command Injection in cpp (CVE-2023-47268)
command injection in cpp (CVE-2023-47268). Risk of unauthorized operations or information disclosure.
CVE-2026-42271 KEV [KEV] Command Injection in Berriai litellm (CVE-2026-42271)
command injection in Berriai litellm (CVE-2026-42271). Successful exploitation can lead to full system takeover. Exploitable via `POST /mcp-rest/test/connection`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.83.7` or later.
CVE-2026-41500 Command Injection in electerm-project (CVE-2026-41500)
command injection in electerm-project (CVE-2026-41500). Successful exploitation can lead to full system takeover. Exploitable via ``releaseInfo.name``. Mitigation: upgrade to `> 3.2.0` or later.
CVE-2026-41501 Command Injection in electerm (CVE-2026-41501)
command injection in electerm (CVE-2026-41501). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `> 3.2.0` or later.
CVE-2026-8112 Command Injection in 8421bit (CVE-2026-8112)
command injection in 8421bit (CVE-2026-8112). Risk of unauthorized operations or information disclosure.
CVE-2026-33111 Command Injection in microsoft (CVE-2026-33111)
command injection in microsoft (CVE-2026-33111). Confidential information can be exposed externally.
CVE-2026-35428 Command Injection in microsoft (CVE-2026-35428)
command injection in microsoft (CVE-2026-35428). Successful exploitation can lead to full system takeover.
CVE-2026-20169 Command Injection in cisco (CVE-2026-20169)
command injection in cisco (CVE-2026-20169). Risk of unauthorized operations or information disclosure.
CVE-2026-43117 Vulnerability in linux (CVE-2026-43117)
vulnerability in linux (CVE-2026-43117). Confidential information can be exposed externally.
CVE-2026-7246 Command Injection in palletsprojects (CVE-2026-7246)
command injection in palletsprojects (CVE-2026-7246). Successful exploitation can lead to full system takeover.
CVE-2026-30352 Command Injection in CVE-2026-30352 (CVE-2026-30352)
command injection in CVE-2026-30352 (CVE-2026-30352). Successful exploitation can lead to full system takeover.
CVE-2026-40068 Vulnerability in @anthropic-ai/claude-code (CVE-2026-40068)
vulnerability in @anthropic-ai/claude-code (CVE-2026-40068). Successful exploitation can lead to full system takeover. Exploitable via ``commondir``. Mitigation: upgrade to `2.1.84` or later.
CVE-2025-29635 KEV [KEV] Command Injection in D-link dir-823x (CVE-2025-29635)
command injection in D-link dir-823x (CVE-2025-29635). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-4786 Command Injection in libpython (CVE-2026-4786)
command injection in libpython (CVE-2026-4786). Confidential information can be exposed externally. Mitigation: upgrade to `3.14.5` or later.
CVE-2026-20186 Command Injection in dos (CVE-2026-20186)
command injection in dos (CVE-2026-20186). Successful exploitation can lead to full system takeover.
CVE-2026-30461 Command Injection in thedaylightstudio (CVE-2026-30461)
command injection in thedaylightstudio (CVE-2026-30461). Confidential information can be exposed externally.
CVE-2026-5463 Command Injection in pymetasploit3 (CVE-2026-5463)
command injection in pymetasploit3 (CVE-2026-5463). Data can be tampered with by attackers.
CVE-2025-15379 Command Injection in lfprojects (CVE-2025-15379)
command injection in lfprojects (CVE-2025-15379). Successful exploitation can lead to full system takeover. Exploitable via ``python_env.yaml``.
CVE-2026-23862 Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local...
Dell ThinOS 10 versions prior to ThinOS 2602_10.0573, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
CVE-2026-22719 KEV [KEV] Command Injection in Broadcom vmware-aria-operations (CVE-2026-22719)
command injection in Broadcom vmware-aria-operations (CVE-2026-22719). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-24293 Command Injection in CVE-2025-24293 (CVE-2025-24293)
command injection in CVE-2025-24293 (CVE-2025-24293). Successful exploitation can lead to full system takeover.
CVE-2025-15366 Command Injection in CVE-2025-15366 (CVE-2025-15366)
command injection in CVE-2025-15366 (CVE-2025-15366). Risk of unauthorized operations or information disclosure.
CVE-2025-66738 Command Injection in yealink (CVE-2025-66738)
command injection in yealink (CVE-2025-66738). Successful exploitation can lead to full system takeover.
CVE-2025-65363 Command Injection in ruijie (CVE-2025-65363)
command injection in ruijie (CVE-2025-65363). Successful exploitation can lead to full system takeover.
CVE-2025-64052 Command Injection in fanvil (CVE-2025-64052)
command injection in fanvil (CVE-2025-64052). Risk of unauthorized operations or information disclosure.
CVE-2025-57201 Command Injection in avtech (CVE-2025-57201)
command injection in avtech (CVE-2025-57201). Successful exploitation can lead to full system takeover.
CVE-2025-57198 Command Injection in avtech (CVE-2025-57198)
command injection in avtech (CVE-2025-57198). Successful exploitation can lead to full system takeover.
CVE-2025-57199 Command Injection in avtech (CVE-2025-57199)
command injection in avtech (CVE-2025-57199). Successful exploitation can lead to full system takeover.
CVE-2025-57200 Command Injection in avtech (CVE-2025-57200)
command injection in avtech (CVE-2025-57200). Risk of unauthorized operations or information disclosure.
CVE-2025-63674 Command Injection in blurams (CVE-2025-63674)
command injection in blurams (CVE-2025-63674). Successful exploitation can lead to full system takeover.
CVE-2025-63258 Command Injection in CVE-2025-63258 (CVE-2025-63258)
command injection in CVE-2025-63258 (CVE-2025-63258). Risk of unauthorized operations or information disclosure.
CVE-2025-60672 Command Injection in dlink (CVE-2025-60672)
command injection in dlink (CVE-2025-60672). Risk of unauthorized operations or information disclosure.
CVE-2025-60673 Command Injection in dlink (CVE-2025-60673)
command injection in dlink (CVE-2025-60673). Risk of unauthorized operations or information disclosure.
CVE-2025-60675 Command Injection in dlink (CVE-2025-60675)
command injection in dlink (CVE-2025-60675). Risk of unauthorized operations or information disclosure.
CVE-2025-60676 Command Injection in dlink (CVE-2025-60676)
command injection in dlink (CVE-2025-60676). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →