Weaknesses of type CWE-426
282 resultsCVE-2026-45721CRITICALAlgernon: handler.lua discovery walks parent directories above the server rootEPSS 0.4%CVE-2021-21237HIGHGit LFS can execute a Git binary from the current directory on WindowsEPSS 0.4%CVE-2023-27761HIGHAn issue found in Wondershare Technology Co., Ltd UniConverter v.14.0.0 allows a remote attacker to execute arbitrary commands via the unicoEPSS 0.4%CVE-2023-27768HIGHAn issue found in Wondershare Technology Co.,Ltd PDFelement v9.1.1 allows a remote attacker to execute arbitrary commands via the pdfelementEPSS 0.4%CVE-2023-27771HIGHAn issue found in Wondershare Technology Co.,Ltd Creative Centerr v.1.0.8 allows a remote attacker to execute arbitrary commands via the wonEPSS 0.4%CVE-2023-27767HIGHAn issue found in Wondershare Technology Co.,Ltd Dr.Fone v.12.4.9 allows a remote attacker to execute arbitrary commands via the drfone_setuEPSS 0.4%CVE-2023-27763HIGHAn issue found in Wondershare Technology Co.,Ltd MobileTrans v.4.0.2 allows a remote attacker to execute arbitrary commands via the mobiletrEPSS 0.4%CVE-2023-27762HIGHAn issue found in Wondershare Technology Co., Ltd DemoCreator v.6.0.0 allows a remote attacker to execute arbitrary commands via the democreEPSS 0.4%CVE-2023-27765HIGHAn issue found in Wondershare Technology Co.,Ltd Recoverit v.10.6.3 allows a remote attacker to execute arbitrary commands via the recoveritEPSS 0.4%CVE-2023-27766HIGHAn issue found in Wondershare Technology Co.,Ltd Anireel 1.5.4 allows a remote attacker to execute arbitrary commands via the anireel_setup_EPSS 0.4%CVE-2020-7490—A CWE-426: Untrusted Search Path vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 15 and prior) and Vijeo Designer (V6.9 SP9 and prEPSS 0.4%CVE-2023-27764HIGHAn issue found in Wondershare Technology Co.,Ltd Repairit v.3.5.4 allows a remote attacker to execute arbitrary commands via the repairit_seEPSS 0.4%CVE-2023-27760HIGHAn issue found in Wondershare Technology Co, Ltd Filmora v.12.0.9 allows a remote attacker to execute arbitrary commands via the filmora_setEPSS 0.4%CVE-2023-27769HIGHAn issue found in Wondershare Technology Co.,Ltd PDF Reader v.1.0.1 allows a remote attacker to execute arbitrary commands via the pdfreaderEPSS 0.4%CVE-2026-48565HIGHWindows Narrator Braille Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2026-21508HIGHWindows Storage Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2025-31480CRITICALaiven-extras allows PostgreSQL Privilege Escalation through format functionEPSS 0.4%CVE-2024-55503LOWAn issue in termius before v.9.9.0 allows a local attacker to execute arbitrary code via a crafted script to the DYLD_INSERT_LIBRARIES compoEPSS 0.4%CVE-2020-7476—A CWE-426: Untrusted Search Path vulnerability exists in ZigBee Installation Kit (Versions prior to 1.0.1), which could cause execution of mEPSS 0.4%CVE-2020-8338HIGHA DLL search path vulnerability was reported in Lenovo Diagnostics prior to version 4.35.4 that could allow a user with local access to execEPSS 0.4%