Weaknesses of type CWE-78
3,847 resultsCVE-2026-10273MEDIUMphp-censor Webhook Endpoint GitBuild.php os command injectionEPSS 1.4%CVE-2026-7590MEDIUMeyal-gor p_69_branch_monkey_mcp Preview Endpoint advanced.py os command injectionEPSS 1.4%CVE-2024-33434CRITICALAn issue in tiagorlampert CHAOS v5.0.1 before 1b451cf62582295b7225caf5a7b506f0bad56f6b and 24c9e109b5be34df7b2bce8368eae669c481ed5e allows aEPSS 1.4%CVE-2025-47212MEDIUMQTS, QuTS heroEPSS 1.4%CVE-2026-9437MEDIUMDTStack Taier REST API Runtime.exec os command injectionEPSS 1.4%CVE-2026-7593MEDIUMSunwood-ai-labs command-executor-mcp-server MCP index.ts execute_command os command injectionEPSS 1.4%CVE-2022-32752HIGHIBM Security Directory Suite VA command executionEPSS 1.4%CVE-2021-46686CRITICALImproper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in acmailer CGI ver.4.0.3 and earlieEPSS 1.4%CVE-2022-34374HIGHDell Container Storage Modules 1.2 contains an OS command injection in goiscsi and gobrick libraries. A remote authenticated malicious user EPSS 1.4%CVE-2020-8130—There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe cEPSS 1.4%CVE-2025-47856HIGHTwo improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiVoiEPSS 1.4%CVE-2022-48069HIGHTotolink A830R V4.1.2cu.5182 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter.EPSS 1.4%CVE-2025-11730HIGHA post‑authentication command injection vulnerability in the Dynamic DNS (DDNS) configuration CLI command in Zyxel ATP series firmware versiEPSS 1.4%CVE-2024-50359HIGHA CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the followingEPSS 1.4%CVE-2026-11526CRITICALGD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandleEPSS 1.4%CVE-2026-7061MEDIUMToowiredd chatgpt-mcp-server MCP/HTTP docker.service.ts os command injectionEPSS 1.4%CVE-2023-25925HIGHIBM Security Guardium Key Lifecycle Manager command injectionEPSS 1.4%CVE-2026-38065CRITICALTenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_ims_on_with_apn via the ims_apn parameter.EPSS 1.3%CVE-2026-21893CRITICALn8n Vulnerable to Command Injection in Community Package InstallationEPSS 1.3%CVE-2025-46272CRITICALPlanet Technology Network Products OS Command InjectionEPSS 1.3%