Weaknesses of type CWE-77
2,524 resultsCVE-2025-54416CRITICALtj-actions/branch-names Contains Command Injection VulnerabilityEPSS 0.5%CVE-2025-53774MEDIUMMicrosoft 365 Copilot BizChat Information Disclosure VulnerabilityEPSS 0.5%CVE-2024-12251HIGHImproper neutralization special element in hyperlinksEPSS 0.5%CVE-2024-33439CRITICALAn issue in Kasda LinkSmart Router KW5515 v1.7 and before allows an authenticated remote attacker to execute arbitrary OS commands via cgi pEPSS 0.5%CVE-2021-0253HIGHJunos OS: NFX Series: Local Command Execution Vulnerability in JDMD Leads to Privilege EscalationEPSS 0.5%CVE-2019-1735MEDIUMCisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)EPSS 0.5%CVE-2024-54660HIGHA JNDI injection issue was discovered in Cloudera JDBC Connector for Hive before 2.6.26 and JDBC Connector for Impala before 2.6.35. AttackeEPSS 0.5%CVE-2024-57036HIGHTOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in downloadFile.cgi main function. This vulnerEPSS 0.5%CVE-2020-11073HIGHRemote Code Execution in Autoswitch Python VirtualenvEPSS 0.5%CVE-2026-41497CRITICALIncomplete fix for CVE-2026-34935: Command Injection in MervinPraison/PraisonAIEPSS 0.5%CVE-2024-38641HIGHQTS, QuTS heroEPSS 0.5%CVE-2024-51258HIGHDrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the EPSS 0.5%CVE-2024-48144CRITICALA prompt injection vulnerability in the chatbox of Fusion Chat Chat AI Assistant Ask Me Anything v1.2.4.0 allows attackers to access and exfEPSS 0.5%CVE-2024-48145CRITICALA prompt injection vulnerability in the chatbox of Netangular Technologies ChatNet AI Version v1.0 allows attackers to access and exfiltrateEPSS 0.5%CVE-2026-22708HIGHCursor has a Terminal Tool Allowlist Bypass via Environment VariablesEPSS 0.5%CVE-2022-35503HIGHImproper verification of a user input in Open Source MANO v7-v12 allows an authenticated attacker to execute arbitrary code within the LCM mEPSS 0.5%CVE-2021-0252HIGHJunos OS: NFX Series: Local Code Execution Vulnerability in JDMD Leads to Privilege EscalationEPSS 0.5%CVE-2025-52365HIGHA command injection vulnerability in the szc script of the ccurtsinger/stabilizer repository allows remote attackers to execute arbitrary syEPSS 0.5%CVE-2026-46529HIGHPDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopenEPSS 0.5%CVE-2024-44383HIGHWAYOS FBM-291W v19.09.11 is vulnerable to Command Execution via msp_info_htm.EPSS 0.5%