Weaknesses of type CWE-78

3,878 results
CVE-2026-46483LOWVim: Command injection in tar#Vimuntar via missing shellescape {special} flagEPSS 0.6%CVE-2022-27482HIGHA improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiADC version 7.0.0 through 7.0.EPSS 0.6%CVE-2024-31478MEDIUMMultiple unauthenticated Denial-of-Service (DoS) vulnerabilities exists in the Soft AP daemon accessed via the PAPI protocol. Successful expEPSS 0.6%CVE-2025-24379HIGHDell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command InjectionEPSS 0.5%CVE-2026-45172HIGHIdira Privileged Session Manager for SSH (PSMP): Arbitrary Command Execution via Improper Neutralization of Special Elements used in an OS CommandEPSS 0.5%CVE-2024-49563HIGHDell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command InjectionEPSS 0.5%CVE-2024-26023MEDIUMOS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execute arbitrary OS commands.EPSS 0.5%CVE-2025-24378HIGHDell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command InjectionEPSS 0.5%CVE-2025-41663CRITICALWeidmueller: Security routers IE-SR-2TX are affected by Command InjectionEPSS 0.5%CVE-2026-34111CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in speechmac_text.phpEPSS 0.5%CVE-2024-31482MEDIUMAn unauthenticated Denial-of-Service (DoS) vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. Successful eEPSS 0.5%CVE-2026-34116CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in transcribe.phpEPSS 0.5%CVE-2026-34108CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in text.phpEPSS 0.5%CVE-2026-34110CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in complex_start.phpEPSS 0.5%CVE-2026-44604HIGHRpm: command injection in rpmuncompress dountar() via unescaped archive top-level directory name in popen() shell commandEPSS 0.5%CVE-2026-7461HIGHOS Command Injection in Amazon ECS Agent via FSx Windows File Server Volume CredentialsEPSS 0.5%CVE-2026-32968CRITICALUnauthenticated RCE in com_mb24sysapiEPSS 0.5%CVE-2024-27778HIGHAn improper neutralization of special elements used in an OS Command vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 4.4.0 thrEPSS 0.5%CVE-2026-34937HIGHPraisonAI: Shell Injection in run_python() via Unescaped $() SubstitutionEPSS 0.5%CVE-2025-30044CRITICALRCE on uhcapache user permissionsEPSS 0.5%