Weaknesses of type CWE-150
65 resultsCVE-2024-56201MEDIUMJinja has a sandbox breakout through malicious filenamesEPSS 0.3%CVE-2025-23026MEDIUMHTML templates containing Javascript template strings are subject to XSS in jteEPSS 0.3%CVE-2026-3108HIGHTerminal Escape Injection in mmctl Report Posts CommandEPSS 0.3%CVE-2025-30089MEDIUMgurk (aka gurk-rs) through 0.6.3 mishandles ANSI escape sequences.EPSS 0.3%CVE-2026-50639MEDIUMMetrics::Any::Adapter::SignalFx versions before 0.04 for Perl does not protect against metric injectionsEPSS 0.3%CVE-2026-46741HIGHEtsy::StatsD versions through 1.002002 for Perl allow metric injectionsEPSS 0.3%CVE-2026-35651MEDIUMOpenClaw 2026.2.13 < 2026.3.25 - ANSI Escape Sequence Injection in Approval PromptEPSS 0.3%CVE-2026-46739MEDIUMNet::Statsd versions before 0.13 for Perl allow metric injectionsEPSS 0.3%CVE-2023-39342LOWDangerzone CLI does not sanitize ANSI escape characters EPSS 0.2%CVE-2024-58251LOWIn netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequeEPSS 0.2%CVE-2026-6019LOWBaseCookie.js_output() does not neutralize embedded charactersEPSS 0.2%CVE-2026-8788HIGHNet::Statsd::Lite versions through 0.10.0 for Perl allowed metric injectionsEPSS 0.2%CVE-2025-1692MEDIUMMongoDB Shell may be susceptible to control character injection via pastingEPSS 0.2%CVE-2026-8722MEDIUMNet::Async::Statsd::Client versions through 0.005 for Perl allow metric injectionsEPSS 0.2%CVE-2026-45803LOWgh: GitHub Actions log output in `gh run view` allows terminal escape sequence injectionEPSS 0.2%CVE-2024-43785LOWgitoxide-core does not neutralize special characters for terminalsEPSS 0.2%CVE-2025-1693LOWMongoDB Shell may be susceptible to control character Injection via shell outputEPSS 0.2%CVE-2025-62845MEDIUMQuRouterEPSS 0.2%CVE-2026-45038HIGHTabby: Dragging and Dropping a File into Tabby Can Lead to Code ExecutionEPSS 0.2%CVE-2026-41526MEDIUMIn KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This EPSS 0.2%