Weaknesses of type CWE-77
2,525 resultsCVE-2026-49196HIGHPredator Connect W6x: Web Interface Command InjectionEPSS 0.4%CVE-2025-61514MEDIUMAn arbitrary file upload vulnerability in SageMath, Inc CoCalc before commit 0d2ff58 allows attackers to execute arbitrary code via uploadinEPSS 0.4%CVE-2026-48116HIGHAnythingLLM: RCE via ripgrep --pre argument injection in filesystem-search-files agent skillEPSS 0.4%CVE-2024-57608MEDIUMAn issue in Via Browser 6.1.0 allows a a remote attacker to execute arbitrary code via the mark.via.Shell component.EPSS 0.4%CVE-2023-20075MEDIUMVulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary commands.
TheseEPSS 0.4%CVE-2025-64090CRITICALAuthenticated Remote Code Execution in device hostnameEPSS 0.4%CVE-2024-12111HIGHPotential LDAP injection vulnerability in OpenText Privileged Access ManagerEPSS 0.4%CVE-2025-27146LOWMatrix IRC Bridge allows IRC command injection to own puppeted userEPSS 0.4%CVE-2021-34726MEDIUMCisco SD-WAN Software Command Injection VulnerabilityEPSS 0.4%CVE-2025-29083MEDIUMSQL Injection vulnerability in CSZ-CMS v.1.3.0 allows a remote attacker to execute arbitrary code via the execSqlFile function in the PluginEPSS 0.4%CVE-2025-33181HIGHNVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could inject a command. A EPSS 0.4%CVE-2022-34432HIGHDell Hybrid Client below 1.8 version contains a gedit vulnerability. A guest attacker could potentially exploit this vulnerability, allowingEPSS 0.4%CVE-2026-40034HIGHgitoxide - Command Injection via Partial .gitmodules Override in gix-submoduleEPSS 0.4%CVE-2025-51459MEDIUMFile Upload vulnerability in agent.hub.controller.refresh_plugins in eosphoros-ai DB-GPT 0.7.0 allows remote attackers to execute arbitrary EPSS 0.3%CVE-2021-34729MEDIUMCisco IOS XE SD-WAN Software Command Injection VulnerabilityEPSS 0.3%CVE-2021-34725MEDIUMCisco IOS XE SD-WAN Software Command Injection VulnerabilityEPSS 0.3%CVE-2025-65657MEDIUMFeehiCMS version 2.1.1 has a Remote Code Execution via Unrestricted File Upload in Ad Management. FeehiCMS version 2.1.1 allows authenticateEPSS 0.3%CVE-2024-51259CRITICALDrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the EPSS 0.3%CVE-2026-30616HIGHJaaz 1.0.30 contains a remote code execution vulnerability in its MCP STDIO command execution handling. A remote attacker can send crafted nEPSS 0.3%CVE-2025-20306MEDIUMCisco Secure Firewall Management Center Software Command Injection VulnerabilityEPSS 0.3%