Weaknesses of type CWE-77

2,524 results
CVE-2026-9367MEDIUMNousResearch hermes-agent terminal_tool approval.py detect_dangerous_command os command injectionEPSS 1.7%CVE-2026-7698MEDIUMTiandy Easy7 Integrated Management Platform updateDbBackupInfo os command injectionEPSS 1.7%CVE-2026-5802MEDIUMidachev mcp-javadc HTTP os command injectionEPSS 1.7%CVE-2022-34820HIGHA vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CPEPSS 1.7%CVE-2025-29517MEDIUMD-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the traceroute6 fuEPSS 1.6%CVE-2024-57224CRITICALLinksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps fuEPSS 1.6%CVE-2024-57223CRITICALLinksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode fEPSS 1.6%CVE-2024-57225CRITICALLinksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.EPSS 1.6%CVE-2022-48338HIGHAn issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerEPSS 1.6%CVE-2023-26298HIGHPrevious versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.EPSS 1.6%CVE-2023-26296HIGHPrevious versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.EPSS 1.6%CVE-2023-26297HIGHPrevious versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.EPSS 1.6%CVE-2024-48440HIGHShenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 was discovered to contain a command EPSS 1.6%CVE-2026-7416MEDIUMPolarVista xcode-mcp-server MCP index.ts run_tests os command injectionEPSS 1.6%CVE-2025-10619MEDIUMsequa-ai sequa-mcp OAuth Server Discovery node-oauth-client-provider.ts redirectToAuthorization os command injectionEPSS 1.6%CVE-2024-48441HIGHWuhan Tianyu Information Industry Co., Ltd Tianyu CPE Router CommonCPExCPETS_v3.2.468.11.04_P4 was discovered to contain a command injectionEPSS 1.6%CVE-2025-50428CRITICALIn RaspAP raspap-webgui 3.3.2 and earlier, a command injection vulnerability exists in the includes/hostapd.php script. The vulnerability isEPSS 1.6%CVE-2024-34852MEDIUMF-logic DataCube3 v1.0 is affected by command injection due to improper string filtering at the command execution point in the ./admin/transEPSS 1.6%CVE-2026-11556HIGHTenda F451 Web Management WriteFacMac formWriteFacMac os command injectionEPSS 1.6%CVE-2024-3659CRITICALCommand injection in KAON AR2140 routersEPSS 1.6%