Weaknesses of type CWE-78

3,891 results
CVE-2026-44168HIGHMariaDB: wsrep SST unsafe parameter handling on the donor sideEPSS 0.6%CVE-2026-27602HIGHModoboa has an OS Command InjectionEPSS 0.6%CVE-2024-43387HIGHPhoenix Contact: Access files due to improper neutralization of special elements in MGUARD devicesEPSS 0.6%CVE-2026-32191CRITICALMicrosoft Bing Images Remote Code Execution VulnerabilityEPSS 0.6%CVE-2025-65882CRITICALAn issue was discovered in openmptcprouter thru 0.64 in file common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c in function creaEPSS 0.6%CVE-2024-56808LOWMedia Streaming add-onEPSS 0.6%CVE-2022-35717HIGH"IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending EPSS 0.6%CVE-2024-10653HIGHCHANGING Information Technology IDExpert - OS Command InjectionEPSS 0.6%CVE-2026-35581HIGHEmissary has a Command Injection via PLACE_NAME Configuration in ExecutrixEPSS 0.6%CVE-2024-5403HIGHASKEY 5G NR Small Cell - Command InjectionEPSS 0.6%CVE-2025-54072HIGHyt-dlp allows `--exec` command injection when using placeholder on WindowsEPSS 0.6%CVE-2026-24887HIGHClaude Code has a Command Injection in find Command Bypasses User Approval PromptEPSS 0.6%CVE-2024-5399HIGHOpenfind Mail2000 - OS Command InjectionEPSS 0.6%CVE-2025-53680MEDIUMAn improper neutralization of special elements used in an OS command ("OS Command Injection") vulnerability [CWE-78] vulnerability in FortinEPSS 0.6%CVE-2025-53870MEDIUMAn improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiAP 7.6.0 througEPSS 0.6%CVE-2023-5677MEDIUMBrandon Rothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API tcptest.cgi did not have a sufficient input EPSS 0.6%CVE-2025-22368HIGHMennekes smart/premium charges systems, Command injection in sCU firmware updateEPSS 0.6%CVE-2025-22366HIGHMennekes smart/premium charges systems, Command injection in firmware upgradeEPSS 0.6%CVE-2026-32056HIGHOpenClaw < 2026.2.22 - Remote Code Execution via Shell Startup Environment Variable Injection in system.runEPSS 0.6%CVE-2025-22367HIGHMennekes smart/premium charges systems, Command injection in time settingEPSS 0.6%