Weaknesses of type CWE-78
3,891 resultsCVE-2026-45578HIGHWWBN AVideo Live: OS command injection in on_publish.php execAsync via unescaped m3u8 URLEPSS 0.3%CVE-2026-44345HIGHBentoML: Dockerfile command injection via docker.base_imageEPSS 0.3%CVE-2026-9645CRITICALScadaBR Authenticated Remote Code ExecutionEPSS 0.3%CVE-2025-36143MEDIUMIBM watsonx.data command executionEPSS 0.3%CVE-2026-35043HIGHBentoML: command injection in cloud deployment setup script (deployment.py)EPSS 0.3%CVE-2026-27849CRITICALMissing neutralization in Linksys MR9600, Linksys MX4200EPSS 0.3%CVE-2025-27614HIGHGitk allows arbitrary command executionEPSS 0.3%CVE-2024-33793MEDIUMnetis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the ping test page.EPSS 0.3%CVE-2024-37391HIGHProtonVPN before 3.2.10 on Windows mishandles the drive installer path, which should use this: '"' + ExpandConstant('{autopf}\Proton\Drive')EPSS 0.3%CVE-2024-40641HIGHUnsigned code template execution through workflows in projectdiscovery/nucleiEPSS 0.3%CVE-2025-67738HIGHsquid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if Webmin's Squid module and its Cache ManagerEPSS 0.3%CVE-2026-27441CRITICALPDF Password CMDiEPSS 0.3%CVE-2024-1683HIGHDLL Injection in Tenable Identity Exposure Secure RelayEPSS 0.3%CVE-2025-27398LOWA vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly neutralEPSS 0.3%CVE-2025-10568MEDIUMHyperX NGENUITY - Arbitrary Code ExecutionEPSS 0.3%CVE-2021-21503HIGHPowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in a command. The Compadmin user could potentially explEPSS 0.3%CVE-2020-11847HIGHVulnerability in sshrelay in privileged access manager provides full system access.EPSS 0.3%CVE-2021-1441MEDIUMCisco IOS XE Software Hardware Initialization Routines Arbitrary Code Execution VulnerabilityEPSS 0.3%CVE-2026-26982MEDIUMGhostty affected by arbitrary command execution via control characters in paste and drag-and-drop operationsEPSS 0.3%CVE-2026-42994HIGHBitwarden CLI 2026.4.0 from 2026-04-22T21:57Z to 2026-04-22T23:30Z, when obtained from npm, had embedded malicious code. This is related to EPSS 0.3%