Weaknesses of type CWE-78
3,891 resultsCVE-2026-32311CRITICALCommand Injection and Docker container escape allows root on host machineEPSS 0.5%CVE-2024-31668CRITICALrizin before v0.6.3 is vulnerable to Improper Neutralization of Special Elements via meta_set function in librz/analysis/meta.EPSS 0.5%CVE-2025-41281HIGHNozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in WateEPSS 0.5%CVE-2026-22718MEDIUMCommand injection vulnerabilityEPSS 0.5%CVE-2025-9997MEDIUMCWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause comEPSS 0.5%CVE-2018-19639MEDIUMCode execution if run with command line switch -vEPSS 0.5%CVE-2025-0119MEDIUMCortex XDR Broker VM: Authenticated Command Injection Vulnerability in Broker VMEPSS 0.5%CVE-2026-28384CRITICALAuthenticated RCE via unsanitized compression_algorithmEPSS 0.5%CVE-2026-41411MEDIUMVim: Command injection via backtick expansion in tag filenamesEPSS 0.5%CVE-2024-6032HIGHTesla Model S Iris Modem ql_atfwd Command Injection Code Execution VulnerabilityEPSS 0.5%CVE-2026-33613HIGHMB connect line mbCONNECT24 vulnerable to RCE in generateSrpArrayEPSS 0.5%CVE-2024-2742MEDIUMOS Command Injection in Planet IGS-4215-16T2SEPSS 0.5%CVE-2025-11142HIGHThe VAPIX API mediaclip.cgi that did not have a sufficient input validation allowing for a possible remote code execution. This flaw can onlEPSS 0.5%CVE-2026-28391CRITICALOpenClaw < 2026.2.2 - Command Injection via cmd.exe Parsing Bypass in Allowlist EnforcementEPSS 0.5%CVE-2025-24022HIGHiTop server vulnerable to portal code injectionEPSS 0.5%CVE-2023-48428HIGHA vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The radius configuration mechanism of affected productsEPSS 0.5%CVE-2023-27999HIGHAn improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC 7.2.0, 7.1.0 through 7.1.1 may allowEPSS 0.5%CVE-2025-47857MEDIUMA improper neutralization of special elements used in an os command ('os command injection') vulnerability [CWE-78] in Fortinet FortiWeb CLIEPSS 0.5%CVE-2023-20175HIGHA vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on theEPSS 0.5%CVE-2026-48731HIGHWarp: Linux external editor command injectionEPSS 0.5%