Fallos del tipo CWE-1236
171 resultadosCVE-2026-42267MEDIUMKimai: Formula Injection via tag names in XLSX exportEPSS 0.2%CVE-2025-58855HIGHWordPress AP HoneyPot WordPress Plugin Plugin <= 1.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2026-24447MEDIUMIf a malformed data is input to the affected product, a CSV file downloaded from the affected product may contain such malformed data. When EPSS 0.2%CVE-2025-1421LOWFormula injection in a CSV file in Proget MDMEPSS 0.2%CVE-2023-37219HIGH Tadiran Telecom Composit - CWE-1236: Improper Neutralization of Formula Elements in a CSV FileEPSS 0.2%CVE-2025-11279MEDIUMAxosoft Scrum and Bug Tracking Add Work Item csv injectionEPSS 0.2%CVE-2025-52612HIGHHCL iControl was affected by Export CSV - CSV Injection vulnerability.EPSS 0.2%CVE-2025-61873LOWBest Practical Request Tracker (RT) before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used.EPSS 0.2%CVE-2026-9673HIGHVersions of the package json-2-csv from 3.15.0 and before 5.5.11 are vulnerable to CSV Injection via the preventCsvInjection option which caEPSS 0.2%CVE-2026-41073MEDIUMRT: Spreadsheet downloads vulnerable to CSV/formula injection in Microsoft Excel and similar appsEPSS 0.2%CVE-2024-53921LOWAn issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permisEPSS 0.2%