Weaknesses of type CWE-78
3,885 resultsCVE-2025-27262HIGHEricsson Indoor Connect 8855 - Improper Neutralization of Special Elements used in an OS Command VulnerabilityEPSS 0.8%CVE-2025-55055MEDIUMCWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')EPSS 0.8%CVE-2025-34160CRITICALAnyShare ServiceAgent API Unauthenticated RCEEPSS 0.8%CVE-2025-60962HIGHOS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers tEPSS 0.8%CVE-2025-60959HIGHOS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6010-0071-000 Ver 4.00 allows attackers tEPSS 0.8%CVE-2024-48861HIGHQHoraEPSS 0.8%CVE-2026-45629CRITICALDokploy: Authenticated Remote Code Execution via Command Injection in /listen-deployment WebSocket EndpointEPSS 0.8%CVE-2025-71336CRITICALFlowise - Unsandboxed Remote Code Execution via Custom MCPEPSS 0.8%CVE-2025-6193MEDIUMTrustyai-explainability: command injection via lmevaljob crEPSS 0.8%CVE-2023-42128HIGHMagnet Forensics AXIOM Command Injection Remote Code Execution VulnerabilityEPSS 0.8%CVE-2021-4029HIGHA command injection vulnerability in the CGI program of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary OS commaEPSS 0.8%CVE-2020-37012CRITICALTea LaTex 1.0 - Remote Code ExecutionEPSS 0.8%CVE-2025-12763MEDIUMCommand injection vulnerability allowing arbitrary command execution on WindowsEPSS 0.8%CVE-2022-27486MEDIUMA improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiDDoS version 5.5.0 through 5.5EPSS 0.8%CVE-2022-45461HIGHThe Java Admin Console in Veritas NetBackup through 10.1 and related Veritas products on Linux and UNIX allows authenticated non-root users EPSS 0.8%CVE-2025-58371CRITICALRoo Code is vulnerable to command injection via GitHub actions workflowEPSS 0.8%CVE-2026-40030HIGHparseusbs < 1.9 Command Injection via Volume Path ArgumentEPSS 0.8%CVE-2023-21411HIGHNon-sanitized user input could lead to arbitrary code execution during Access Control configuration in AXIS License Plate VerifierEPSS 0.7%CVE-2023-21410HIGHNon-sanitized user input could lead to arbitrary code execution in AXIS License Plate VerifierEPSS 0.7%CVE-2025-64340MEDIUMFastMCP has a Command Injection vulnerability - Gemini CLIEPSS 0.7%