Weaknesses of type CWE-74
4,268 resultsCVE-2026-7580MEDIUMExiftool JPEG/QuickTime/MOV/MP4 GM.pm Process_mrld code injectionEPSS 0.2%CVE-2026-10688MEDIUMahujasid blender-mcp server.py execute_blender_code code injectionEPSS 0.2%CVE-2023-7333MEDIUMbluelabsio records-mover Table Object sql injectionEPSS 0.2%CVE-2025-13462LOWtarfile: Skip DIRTYPE normalization during GNU LONGNAME/LONGLINK handlingEPSS 0.2%CVE-2026-0972MEDIUMHTML Injection possible in system generated emails in Fortra's GoAnywhere MFTEPSS 0.2%CVE-2026-8795HIGHA YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostnamEPSS 0.1%CVE-2022-42544HIGHIn getView of AddAppNetworksFragment.java, there is a possible way to mislead the user about network add requests due to improper input valiEPSS 0.1%CVE-2026-44455MEDIUMHono: Unvalidated JSX Tag Names in hono/jsx May Allow HTML InjectionEPSS 0.1%CVE-2026-46546LOWFrappe LMS: HTML injection in user-controlled metadataEPSS 0.1%CVE-2026-4530MEDIUMapconw Aix-DB terminology_retriever.py sql injectionEPSS 0.1%CVE-2026-11475MEDIUMKushan2k student-management-system Certificate Verification Endpoint GradeController.php getStatus sql injectionEPSS 0.1%CVE-2026-0864MEDIUMConfiguration Injection via Carriage Return (\r) in write() methodEPSS 0.1%CVE-2025-69205MEDIUMIn µURU, a Specially Crafted Federation Name Allows Dialplan InjectionEPSS 0.1%CVE-2026-54231MEDIUMAbrt: unsanitized systemd journal content written to dump directory files enables content injectionEPSS 0.1%CVE-2026-15497MEDIUMSonicCloudOrg sonic-agent JWT Authentication Filter ExchangeController.java code injectionEPSS —CVE-2026-15517MEDIUMJinher OA PlanGiveOut.aspx sql injectionEPSS —CVE-2026-15537MEDIUMSourceCodester Online Book Store System login.php sql injectionEPSS —CVE-2026-15514MEDIUMMetasoft 美特软件 MetaCRM PHPRPC Remote Call rpc.jsp RPCService.query sql injectionEPSS —CVE-2026-15559MEDIUMCodeAstro Simple Online Leave Management System POST accept.php sql injectionEPSS —CVE-2026-15494MEDIUMAMTT Hotel Broadband Operation System switch_status.php sql injectionEPSS —