Weaknesses of type CWE-93
150 resultsCVE-2023-23936MEDIUMCRLF Injection in Nodejs ‘undici’ via hostEPSS 1.1%CVE-2025-25184MEDIUMPossible Log Injection in Rack::CommonLoggerEPSS 1.1%CVE-2026-30227MEDIUMMimeKit: CRLF Injection in Quoted Local-Part Enables SMTP Command Injection and Email ForgeryEPSS 1.1%CVE-2023-38551HIGHA CRLF Injection vulnerability in Ivanti Connect Secure (9.x, 22.x) allows an authenticated high-privileged user to inject malicious code onEPSS 1.0%CVE-2026-39849HIGHPi-hole FTL remote code execution via newline injection in dns.interface configurationEPSS 1.0%CVE-2023-49082MEDIUMaiohttp's ClientSession is vulnerable to CRLF injection via methodEPSS 0.9%CVE-2026-42258MEDIUMnet-imap: Command Injection via unvalidated Symbol inputsEPSS 0.9%CVE-2020-3246MEDIUMCisco Umbrella Carriage Return Line Feed Injection VulnerabilityEPSS 0.9%CVE-2020-15111MEDIUMCRLF vulnerability in FiberEPSS 0.9%CVE-2026-35517HIGHPi-hole FTL affected by Remote Code Execution (RCE) via dns.upstreams Newline InjectionEPSS 0.9%CVE-2021-4097MEDIUMCRLF Injection in phpservermon/phpservermonEPSS 0.8%CVE-2024-51981MEDIUMUnauthenticated Server Side Request Forgery (SSRF) via WS-Eventing affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, and Toshiba Tec, and Konica Minolta, Inc.EPSS 0.8%CVE-2019-15616—Dangling remote share attempts in Nextcloud 16 allow a DNS pollution when running long.EPSS 0.8%CVE-2026-35520HIGHPi-hole FTL affected by Remote Code Execution (RCE) via dhcp.leaseTime Newline InjectionEPSS 0.7%CVE-2025-27111MEDIUMEscape Sequence Injection vulnerability in Rack lead to Possible Log InjectionEPSS 0.7%CVE-2026-35521HIGHPi-hole FTL affected by Remote Code Execution (RCE) via dhcp.hosts Newline InjectionEPSS 0.7%CVE-2026-35518HIGHPi-hole FTL affected by Remote Code Execution (RCE) via dns.cnameRecords Newline InjectionEPSS 0.7%CVE-2024-32986CRITICALArbitrary code execution due to improper sanitization of web app properties in PWAsForFirefox EPSS 0.7%CVE-2024-5193MEDIUMRitlabs TinyWeb Server Request crlf injectionEPSS 0.7%CVE-2024-40324CRITICALA CRLF injection vulnerability in E-Staff v5.1 allows attackers to insert Carriage Return (CR) and Line Feed (LF) characters into input fielEPSS 0.6%