Weaknesses of type CWE-78

3,840 results
CVE-2026-5663MEDIUMOFFIS DCMTK storescp storescp.cc executeOnEndOfStudy os command injectionEPSS 1.7%CVE-2026-12850CRITICALGeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerabilityEPSS 1.7%CVE-2026-12486CRITICALGeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerabilityEPSS 1.7%CVE-2025-54135HIGHCursor Agent is vulnerable to prompt injection via MCP Special FilesEPSS 1.7%CVE-2026-0759CRITICALKatana Network Development Starter Kit executeCommand Command Injection Remote Code Execution VulnerabilityEPSS 1.7%CVE-2026-26323HIGHOpenClaw has a command injection in maintainer clawtributors updaterEPSS 1.7%CVE-2024-57011HIGHTOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "minute" parameters in setScEPSS 1.7%CVE-2024-39091HIGHAn OS command injection vulnerability in the ccm_debug component of MIPC Camera firmware prior to v5.4.1.240424171021 allows attackers withiEPSS 1.7%CVE-2026-7064MEDIUMAgentDeskAI browser-tools-mcp browser-connector.ts os command injectionEPSS 1.7%CVE-2023-51625HIGHD-Link DCS-8300LHV2 ONVIF SetSystemDateAndTime Command Injection Remote Code Execution VulnerabilityEPSS 1.7%CVE-2026-26832CRITICALnode-tesseract-ocr is an npm package that provides a Node.js wrapper for Tesseract OCR. In all versions through 2.2.1, the recognize() functEPSS 1.7%CVE-2025-32002CRITICALImproper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in I-O DATA network attached hard diEPSS 1.7%CVE-2024-24333CRITICALTOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the desc parameter in the setWiFiAclEPSS 1.7%CVE-2024-23060CRITICALTOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDmzCfg fuEPSS 1.7%CVE-2023-35762CRITICALOS Command Injection in INEA ME RTUEPSS 1.7%CVE-2024-52034CRITICALmySCADA myPRO OS Command InjectionEPSS 1.7%CVE-2022-37897CRITICALThere is a command injection vulnerability that could lead to unauthenticated remote code execution by sending specially crafted packets desEPSS 1.7%CVE-2022-37900HIGHAuthenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilitieEPSS 1.7%CVE-2022-37902HIGHAuthenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilitieEPSS 1.7%CVE-2026-2629MEDIUMjishi node-sonos-http-api TTS Provider mac-os.js Promise os command injectionEPSS 1.7%