Falhas do tipo CWE-94
3.767 resultadosCVE-2026-24887HIGHClaude Code has a Command Injection in find Command Bypasses User Approval PromptEPSS 0.6%CVE-2024-42911HIGHECOVACS Robotics Deebot T20 OMNI and T20e OMNI before 1.24.0 was discovered to contain a WiFi Remote Code Execution vulnerability.EPSS 0.6%CVE-2025-5013MEDIUMHkCms Search index.html cross site scriptingEPSS 0.6%CVE-2026-44827HIGHDiffusers: None.py Trust Remote Code BypassEPSS 0.6%CVE-2025-1810MEDIUMPixsoft Vivaz Login Endpoint servlet cross site scriptingEPSS 0.6%CVE-2025-9003MEDIUMD-Link DIR-818LW DHCP Reserved Address bsc_lan.php cross site scriptingEPSS 0.6%CVE-2025-1615MEDIUMFiberHome AN5506-01A ONU GPON NAT Submenu cross site scriptingEPSS 0.6%CVE-2026-52778CRITICALYesWiki has Unsafe eval() in Formula Calculator - Remote Code Execution (RCE) & Denial of Service (DoS)EPSS 0.6%CVE-2026-50872CRITICALAn issue in the loopback request handling component of fossar selfoss v2.20-SNAPSHOT allows attackers to execute arbitrary commands and obtaEPSS 0.6%CVE-2024-21577CRITICALComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionEval node contains an eval() in its entrypoint function that accepts arEPSS 0.6%CVE-2024-48279HIGHA HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2. This EPSS 0.6%CVE-2024-10761MEDIUMUmbraco CMS Dashboard frame cross site scriptingEPSS 0.6%CVE-2017-20251CRITICALWordPress Insert PHP Plugin 4.7.0 PHP Code Injection via REST APIEPSS 0.6%CVE-2025-58768CRITICALDeepChat's Mermaid rendering has XSS leading to RCEEPSS 0.6%CVE-2026-39891HIGHPraisonAI has a Template Injection in Agent Tool DefinitionsEPSS 0.6%CVE-2025-42887CRITICALCode Injection vulnerability in SAP Solution ManagerEPSS 0.6%CVE-2026-31040CRITICALA vulnerability was identified in stata-mcp prior to v1.13.0 where insufficient validation of user-supplied Stata do-file content can lead tEPSS 0.6%CVE-2023-51313HIGHPHPJabbers Restaurant Booking System v3.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The EPSS 0.6%CVE-2024-27705HIGHCross Site Scripting vulnerability in Leantime v3.0.6 allows attackers to execute arbitrary code via upload of crafted PDF file to the filesEPSS 0.6%CVE-2021-33635CRITICALPull malicious images may cause process to be hijackedEPSS 0.6%