Weaknesses of type CWE-78
3,891 resultsCVE-2026-40852HIGHCommand injection via malicious configurationEPSS 0.4%CVE-2026-44444CRITICALLumiverse: Spindle extension install runs untrusted lifecycle scripts before security scanEPSS 0.4%CVE-2026-27635HIGHManyfold vulnerable to OS command injection via ZIP filename in f3d renderEPSS 0.4%CVE-2023-40253MEDIUMImproper Authentication vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNEPSS 0.4%CVE-2019-1725MEDIUMCisco UCS B-Series Blade Servers Local Management CLI Arbitrary File Creation or CLI Parameter Injection VulnerabilityEPSS 0.4%CVE-2025-3189MEDIUMStored Cross-Site Scripting (XSS) in DoWISPEPSS 0.4%CVE-2026-46618MEDIUMFission builder accepts arbitrary buildcmd strings from Environment.spec.builder.command, allowing the builder pod to invoke arbitrary executablesEPSS 0.4%CVE-2026-34158HIGHCoolify: Command injection via single-quote breakout in Docker Compose custom commandsEPSS 0.4%CVE-2026-29783HIGHGitHub Copilot CLI allows for dangerous shell expansion patterns that enable arbitrary command executionEPSS 0.4%CVE-2024-38471MEDIUMMultiple TP-LINK products allow a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by restoring aEPSS 0.4%CVE-2026-23882HIGHBlinko: Admin RCE - MCP Server Command InjectionEPSS 0.4%CVE-2023-28767HIGHThe configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX serieEPSS 0.4%CVE-2025-64106HIGHCursor: Speedbump Modal Bypass in MCP Server Deep-LinkEPSS 0.4%CVE-2026-44055HIGHBitwise OR logic bug enables shell injectionEPSS 0.4%CVE-2026-48800HIGHNotepad++: Arbitrary Code Execution via shortcuts.xml UserCommand InjectionEPSS 0.4%CVE-2026-42204HIGHCoolify: Authenticated RCE via SHELL_SAFE_COMMAND_PATTERN regression → host rootEPSS 0.4%CVE-2026-42153HIGHCoolify: PostgreSQL Healthcheck Command Injection Allows Root Code Execution in ContainerEPSS 0.4%CVE-2020-3417MEDIUMCisco IOS XE Software Arbitrary Code Execution VulnerabilityEPSS 0.4%CVE-2025-10239HIGHUnintended command execution via troubleshooting scripts in Progress FlowmonEPSS 0.4%CVE-2019-1732MEDIUMCisco NX-OS Software Remote Package Manager Command Injection VulnerabilityEPSS 0.4%