Weaknesses of type CWE-78
3,880 resultsCVE-2026-22761MEDIUMDell PowerProtect Data Domain, versions 8.5 through 8.6 contain a command injection vulnerability. A high privileged attacker with remote acEPSS 1.2%CVE-2025-20186HIGHA vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an authentEPSS 1.2%CVE-2026-31226CRITICALThe TinyZero project thru commit 6652a63c57fa7e5ccde3fc9c598c7176ff15b839 (2025-58-24) contains a critical command injection vulnerability (EPSS 1.2%CVE-2026-13561MEDIUMEdimax EW-7478APC POST Request formiNICbasic os command injectionEPSS 1.2%CVE-2026-13581MEDIUMEdimax EW-7478APC POST Request formStaDrvSetup os command injectionEPSS 1.2%CVE-2026-13560MEDIUMEdimax EW-7478APC POST Request formAccept os command injectionEPSS 1.2%CVE-2026-9424MEDIUMEdimax EW-7438RPn Content-Type formWlanMP os command injectionEPSS 1.2%CVE-2026-12815MEDIUMcoollabsio coolify Image Name os command injectionEPSS 1.2%CVE-2026-1460HIGHA post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EXEPSS 1.2%CVE-2026-41015HIGHradare2 before 9236f44, when configured on UNIX without SSL, allows command injection via a PDB name to rabin2 -PP. NOTE: although users areEPSS 1.2%CVE-2022-24390HIGHAuthenticated Command Injection Vulnerability in Fidelis Network and DeceptionEPSS 1.1%CVE-2025-20055CRITICALOS command injection vulnerability exists in network storage servers STEALTHONE D220/D340 provided by Y'S corporation. An attacker who can aEPSS 1.1%CVE-2026-26318HIGHsysteminformation has Command Injection via Unsanitized `locate` Output in `versions()`EPSS 1.1%CVE-2025-58116HIGHImproper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in WN-7D36QR and WN-7D36QR/UE. If thEPSS 1.1%CVE-2025-64444HIGHImproper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in NCP-HG100 1.4.48.16 and earlier. EPSS 1.1%CVE-2021-26726HIGHRemote code execution in Valmet DNA before Collection 2021EPSS 1.1%CVE-2024-53286HIGHImproper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in DDNS Record functionality in SynEPSS 1.1%CVE-2025-57516HIGHOS Command injection vulnerability in PublicCMS PublicCMS-V5.202506.a, and PublicCMS-V5.202506.b allowing attackers to execute arbitrary comEPSS 1.1%CVE-2022-40176—A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), DEPSS 1.1%CVE-2022-21143HIGHAirspan Networks Mimosa OS Command InjectionEPSS 1.1%