Weaknesses of type CWE-917

49 results
CVE-2026-2587 | CRITICAL | A critical Remote Code Execution (RCE) vulnerability was identified in the server-side template rendering mechanism used by the Glassfish ga | EPSS 0.6%
CVE-2024-7552 | MEDIUM | DataGear Data Schema Page ConversionSqlParamValueMapper.java evaluateVariableExpression expression language injection | EPSS 0.6%
CVE-2024-51466 | CRITICAL | IBM Cognos Analytics expression language injection | EPSS 0.6%
CVE-2026-40478 | CRITICAL | Improper neutralization of specific syntax patterns for unauthorized expressions in Thymeleaf | EPSS 0.6%
CVE-2025-3322 | CRITICAL | Improper Neutralization of Special Elements in OnlineSuite | EPSS 0.6%
CVE-2026-22729 | HIGH | CVE-2026-22729: JSONPath Injection in Spring AI Vector Stores FilterExpressionConverter | EPSS 0.5%
CVE-2022-23504 | MEDIUM | TYPO3 contains Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration | EPSS 0.5%
CVE-2026-31380 | MEDIUM | Apache OFBiz: FreeMarker SSTI via Duplicate Parameter Sanitization Bypass | EPSS 0.5%
CVE-2024-0715 | HIGH | EL Injection Vulnerability in Hitachi Global Link Manager | EPSS 0.5%
CVE-2022-4146 | HIGH | EL Injection Vulnerability in Hitachi Replication Manager | EPSS 0.5%
CVE-2025-41253 | HIGH | Spring Cloud Gateway Webflux SpEL Injection Vulnerability Allowing Exposure of Environment Variables | EPSS 0.4%
CVE-2026-42811 | CRITICAL | Apache Polaris: could broaden vended GCS credentials through unescaped identifier content in access-boundary CEL conditions | EPSS 0.4%
CVE-2026-41901 | CRITICAL | Thymeleaf: Improper recognition of unauthorized syntax patterns in sandboxed Thymeleaf expressions | EPSS 0.4%
CVE-2025-11175 | HIGH | DiscussionTools should use better regex | EPSS 0.4%
CVE-2026-11561 | CRITICAL | SSTI in Soagen Informatics' Apinizer | EPSS 0.4%
CVE-2026-8759 | MEDIUM | xiandafu beetl SpELFunction SpELFunction.java expression language injection | EPSS 0.4%
CVE-2024-12798 | MEDIUM | JaninoEventEvaluator vulnerability | EPSS 0.4%
CVE-2026-41729 | HIGH | Spring Data REST SpEL Injection via Map Key in JSON Patch | EPSS 0.4%
CVE-2026-41883 | HIGH | OmniFaces: EL injection via crafted resource name in wildcard CDN mapping | EPSS 0.4%
CVE-2024-5828 | HIGH | EL Injection Vulnerability in Hitachi Tuning Manager | EPSS 0.4%