Weaknesses of type CWE-78

3,878 results
CVE-2022-35717HIGH"IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending EPSS 0.6%CVE-2026-35581HIGHEmissary has a Command Injection via PLACE_NAME Configuration in ExecutrixEPSS 0.6%CVE-2024-10653HIGHCHANGING Information Technology IDExpert - OS Command InjectionEPSS 0.6%CVE-2024-5399HIGHOpenfind Mail2000 - OS Command InjectionEPSS 0.6%CVE-2026-24887HIGHClaude Code has a Command Injection in find Command Bypasses User Approval PromptEPSS 0.6%CVE-2025-54072HIGHyt-dlp allows `--exec` command injection when using placeholder on WindowsEPSS 0.6%CVE-2024-5403HIGHASKEY 5G NR Small Cell - Command InjectionEPSS 0.6%CVE-2025-53870MEDIUMAn improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiAP 7.6.0 througEPSS 0.6%CVE-2025-53680MEDIUMAn improper neutralization of special elements used in an OS command ("OS Command Injection") vulnerability [CWE-78] vulnerability in FortinEPSS 0.6%CVE-2023-5677MEDIUMBrandon Rothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API tcptest.cgi did not have a sufficient input EPSS 0.6%CVE-2025-22368HIGHMennekes smart/premium charges systems, Command injection in sCU firmware updateEPSS 0.6%CVE-2026-32056HIGHOpenClaw < 2026.2.22 - Remote Code Execution via Shell Startup Environment Variable Injection in system.runEPSS 0.6%CVE-2025-22367HIGHMennekes smart/premium charges systems, Command injection in time settingEPSS 0.6%CVE-2025-22366HIGHMennekes smart/premium charges systems, Command injection in firmware upgradeEPSS 0.6%CVE-2025-30370HIGHjupyterlab-git has a command injection vulnerability in "Open Git Repository in Terminal"EPSS 0.6%CVE-2025-64140HIGHJenkins Azure CLI Plugin 0.9 and earlier does not restrict which commands it executes on the Jenkins controller, allowing attackers with IteEPSS 0.6%CVE-2026-23820HIGHInconsistent input filtering allows Authenticated Command Injection in AOS-8 Instant and AOS-10 CLIEPSS 0.6%CVE-2026-42563HIGHDulwich Vulnerable to Command Injection via Merge Driver PathEPSS 0.6%CVE-2025-60803CRITICALAntabot White-Jotter up to commit 9bcadc was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the compEPSS 0.6%CVE-2026-39862MEDIUMTophat has a Command Injection Vulnerability When Accessing a Maliciously Crafted Tophat LinkEPSS 0.6%