Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-78 Clear
ID Title
CVE-2026-9388 Command Injection in CVE-2026-9388 (CVE-2026-9388)
command injection in CVE-2026-9388 (CVE-2026-9388). Successful exploitation can lead to full system takeover.
CVE-2026-9387 Command Injection in CVE-2026-9387 (CVE-2026-9387)
command injection in CVE-2026-9387 (CVE-2026-9387). Successful exploitation can lead to full system takeover.
CVE-2026-9367 Command Injection in CVE-2026-9367 (CVE-2026-9367)
command injection in CVE-2026-9367 (CVE-2026-9367). Risk of unauthorized operations or information disclosure.
CVE-2026-9347 Command Injection in CVE-2026-9347 (CVE-2026-9347)
command injection in CVE-2026-9347 (CVE-2026-9347). Risk of unauthorized operations or information disclosure.
CVE-2026-9343 Command Injection in CVE-2026-9343 (CVE-2026-9343)
command injection in CVE-2026-9343 (CVE-2026-9343). Risk of unauthorized operations or information disclosure.
CVE-2026-8652 OS Command Injection in jvn (CVE-2026-8652)
OS command injection in jvn (CVE-2026-8652). Risk of unauthorized operations or information disclosure.
CVE-2026-46716 OS Command Injection in github.com/nezhahq/nezha (CVE-2026-46716)
OS command injection in github.com/nezhahq/nezha (CVE-2026-46716). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/v1/cron`. Mitigation: upgrade to `1.14.15-0.20260517022419-d7526351cf97` or later.
CVE-2026-46643 OS Command Injection in KnpLabs/knp-snappy (CVE-2026-46643)
OS command injection in KnpLabs/knp-snappy (CVE-2026-46643). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.1` or later.
CVE-2026-46618 Vulnerability in github.com/fission/fission (CVE-2026-46618)
vulnerability in github.com/fission/fission (CVE-2026-46618). Risk of unauthorized operations or information disclosure. Exploitable via ``Environment.spec.builder.command``. Mitigation: upgrade to `1.23.0` or later.
CVE-2026-45255 OS Command Injection in freebsd (CVE-2026-45255)
OS command injection in freebsd (CVE-2026-45255). Successful exploitation can lead to full system takeover.
CVE-2026-44076 OS Command Injection in CVE-2026-44076 (CVE-2026-44076)
OS command injection in CVE-2026-44076 (CVE-2026-44076). Successful exploitation can lead to full system takeover.
CVE-2026-44072 OS Command Injection in CVE-2026-44072 (CVE-2026-44072)
OS command injection in CVE-2026-44072 (CVE-2026-44072). Risk of unauthorized operations or information disclosure.
CVE-2026-44055 OS Command Injection in CVE-2026-44055 (CVE-2026-44055)
OS command injection in CVE-2026-44055 (CVE-2026-44055). Successful exploitation can lead to full system takeover.
CVE-2026-8632 Command Injection in hp (CVE-2026-8632)
command injection in hp (CVE-2026-8632). Successful exploitation can lead to full system takeover.
CVE-2026-20206 OS Command Injection in cisco (CVE-2026-20206)
OS command injection in cisco (CVE-2026-20206). Risk of unauthorized operations or information disclosure.
CVE-2026-34234 OS Command Injection in CVE-2026-34234 (CVE-2026-34234)
OS command injection in CVE-2026-34234 (CVE-2026-34234). Successful exploitation can lead to full system takeover.
CVE-2026-8603 OS Command Injection in scadabr (CVE-2026-8603)
OS command injection in scadabr (CVE-2026-8603). Successful exploitation can lead to full system takeover.
CVE-2026-36828 OS Command Injection in CVE-2026-36828 (CVE-2026-36828)
OS command injection in CVE-2026-36828 (CVE-2026-36828). Successful exploitation can lead to full system takeover.
CVE-2026-36827 OS Command Injection in CVE-2026-36827 (CVE-2026-36827)
OS command injection in CVE-2026-36827 (CVE-2026-36827). Risk of unauthorized operations or information disclosure.
CVE-2026-37281 OS Command Injection in express (CVE-2026-37281)
OS command injection in express (CVE-2026-37281). Successful exploitation can lead to full system takeover.
CVE-2026-27130 OS Command Injection in CVE-2026-27130 (CVE-2026-27130)
OS command injection in CVE-2026-27130 (CVE-2026-27130). Successful exploitation can lead to full system takeover.
CVE-2026-45626 OS Command Injection in github.com/getarcaneapp/arcane/backend (CVE-2026-45626)
OS command injection in github.com/getarcaneapp/arcane/backend (CVE-2026-45626). Risk of unauthorized operations or information disclosure. Exploitable via `GET /environments/{id}/volumes/{volumeName}/browse`.
CVE-2026-8767 Command Injection in vercel (CVE-2026-8767)
command injection in vercel (CVE-2026-8767). Risk of unauthorized operations or information disclosure.
CVE-2026-45578 OS Command Injection in WWBN/AVideo (CVE-2026-45578)
OS command injection in WWBN/AVideo (CVE-2026-45578). Successful exploitation can lead to full system takeover. Exploitable via ``on_publish.php``.
CVE-2026-45036 OS Command Injection in tabby (CVE-2026-45036)
OS command injection in tabby (CVE-2026-45036). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.0.233` or later.
CVE-2026-45035 OS Command Injection in tabby (CVE-2026-45035)
OS command injection in tabby (CVE-2026-45035). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.0.233` or later.
CVE-2026-46483 OS Command Injection in vim (CVE-2026-46483)
OS command injection in vim (CVE-2026-46483). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.2.0479` or later.
CVE-2026-41553 OS Command Injection in dhtmlx (CVE-2026-41553)
OS command injection in dhtmlx (CVE-2026-41553). Successful exploitation can lead to full system takeover.
CVE-2026-8654 OS Command Injection in CVE-2026-8654 (CVE-2026-8654)
OS command injection in CVE-2026-8654 (CVE-2026-8654). Risk of unauthorized operations or information disclosure.
CVE-2026-44666 OS Command Injection in CVE-2026-44666 (CVE-2026-44666)
OS command injection in CVE-2026-44666 (CVE-2026-44666). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.3.8` or later.
CVE-2026-45369 OS Command Injection in utcp-cli (CVE-2026-45369)
OS command injection in utcp-cli (CVE-2026-45369). Successful exploitation can lead to full system takeover. Exploitable via ``_substitute_utcp_args``. Mitigation: upgrade to `1.1.2` or later.
CVE-2026-41315 OS Command Injection in midoks (CVE-2026-41315)
OS command injection in midoks (CVE-2026-41315). Successful exploitation can lead to full system takeover.
CVE-2026-42589 OS Command Injection in github.com/gotenberg/gotenberg/v8 (CVE-2026-42589)
OS command injection in github.com/gotenberg/gotenberg/v8 (CVE-2026-42589). Successful exploitation can lead to full system takeover. Exploitable via ``dangerousTags``.
CVE-2026-42853 OS Command Injection in @apostrophecms/cli (CVE-2026-42853)
OS command injection in @apostrophecms/cli (CVE-2026-42853). Successful exploitation can lead to full system takeover.
CVE-2026-26191 OS Command Injection in github.com/fleetdm/fleet/v4 (CVE-2026-26191)
OS command injection in github.com/fleetdm/fleet/v4 (CVE-2026-26191). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.81.1` or later.
CVE-2026-8500 OS Command Injection in CVE-2026-8500 (CVE-2026-8500)
OS command injection in CVE-2026-8500 (CVE-2026-8500). Successful exploitation can lead to full system takeover.
CVE-2026-44194 OS Command Injection in opnsense (CVE-2026-44194)
OS command injection in opnsense (CVE-2026-44194). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `26.1.8` or later.
CVE-2026-0261 OS Command Injection in CVE-2026-0261 (CVE-2026-0261)
OS command injection in CVE-2026-0261 (CVE-2026-0261). Risk of unauthorized operations or information disclosure.
CVE-2026-6281 OS Command Injection in CVE-2026-6281 (CVE-2026-6281)
OS command injection in CVE-2026-6281 (CVE-2026-6281). Successful exploitation can lead to full system takeover.
CVE-2026-42924 OS Command Injection in privilege-escalation (CVE-2026-42924)
OS command injection in privilege-escalation (CVE-2026-42924). Confidential information can be exposed externally.
CVE-2026-34176 OS Command Injection in f5 (CVE-2026-34176)
OS command injection in f5 (CVE-2026-34176). Confidential information can be exposed externally.
CVE-2026-45152 OS Command Injection in gitlab.com/uniget-org/cli (CVE-2026-45152)
OS command injection in gitlab.com/uniget-org/cli (CVE-2026-45152). Successful exploitation can lead to full system takeover. Exploitable via ``check``. Mitigation: upgrade to `0.27.1` or later.
CVE-2026-45136 OS Command Injection in claude-code-cache-fix (CVE-2026-45136)
OS command injection in claude-code-cache-fix (CVE-2026-45136). Successful exploitation can lead to full system takeover. Exploitable via ``statusLine``. Mitigation: upgrade to `3.5.2` or later.
CVE-2026-44724 OS Command Injection in systeminformation (CVE-2026-44724)
OS command injection in systeminformation (CVE-2026-44724). Successful exploitation can lead to full system takeover. Exploitable via ``systeminformation``. Mitigation: upgrade to `5.31.6` or later.
CVE-2026-42062 OS Command Injection in CVE-2026-42062 (CVE-2026-42062)
OS command injection in CVE-2026-42062 (CVE-2026-42062). Successful exploitation can lead to full system takeover.
CVE-2026-35506 OS Command Injection in CVE-2026-35506 (CVE-2026-35506)
OS command injection in CVE-2026-35506 (CVE-2026-35506). Successful exploitation can lead to full system takeover.
CVE-2026-43685 OS Command Injection in claris (CVE-2026-43685)
OS command injection in claris (CVE-2026-43685). Successful exploitation can lead to full system takeover.
CVE-2026-44258 OS Command Injection in path-traversal (CVE-2026-44258)
OS command injection in path-traversal (CVE-2026-44258). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.08.010` or later.
CVE-2026-23821 OS Command Injection in CVE-2026-23821 (CVE-2026-23821)
OS command injection in CVE-2026-23821 (CVE-2026-23821). Successful exploitation can lead to full system takeover.
CVE-2026-23820 OS Command Injection in CVE-2026-23820 (CVE-2026-23820)
OS command injection in CVE-2026-23820 (CVE-2026-23820). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →