Fallos del tipo CWE-77
2524 resultadosCVE-2026-7220MEDIUMjackwrichards FastlyMCP fastly_cli Tool fastly-mcp.mjs os command injectionEPSS 1.3%CVE-2026-7215MEDIUMegtai gmx-vmd-mcp VMD Launch mcp_server.py launch_vmd_gui_tool command injectionEPSS 1.3%CVE-2026-5741MEDIUMsuvarchal docker-mcp-server HTTP index.ts pull_image os command injectionEPSS 1.3%CVE-2026-7211MEDIUMdvladimirov MCP Git Search API mcp_server.py GitSearchRequest command injectionEPSS 1.3%CVE-2026-7058MEDIUM666ghj MiroFish Inter-Process Communication simulation_ipc.py SimulationIPCClient.send_command command injectionEPSS 1.3%CVE-2026-7066MEDIUMchoieastsea simple-openstack-mcp server.py exec_openstack os command injectionEPSS 1.3%CVE-2026-10219MEDIUMnextlevelbuilder GoClaw write_file Tool fsbridge.go FsBridge.WriteFile os command injectionEPSS 1.3%CVE-2024-34206MEDIUMTOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the setWebWlanIdx function EPSS 1.3%CVE-2025-9176MEDIUMneurobin shc Environment Variable shc.c make os command injectionEPSS 1.3%CVE-2026-10214MEDIUMzhayujie chatgpt-on-wechat Bash Tool bash.py _get_safety_warning os command injectionEPSS 1.3%CVE-2026-7316MEDIUMeiliyaabedini aider-mcp code_with_ai aider_mcp.py command injectionEPSS 1.3%CVE-2021-34592HIGHBender Charge Controller: Command injection via Web interfaceEPSS 1.3%CVE-2015-20108CRITICALxml_security.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not useEPSS 1.3%CVE-2019-11279HIGHPrivilege Escalation via Scope Manipulation in UAAEPSS 1.3%CVE-2024-34352MEDIUMArbitrary file write vulnerability in 1Panel EPSS 1.3%CVE-2025-60671MEDIUMA command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconEPSS 1.3%CVE-2026-38834HIGHTenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the do_ping_action function via the hostName parameterEPSS 1.3%CVE-2026-25761HIGHCommand injection via crafted filenames in Super-linter ActionEPSS 1.3%CVE-2025-45931CRITICALAn issue D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows a remote attacker to execute arbitrary code via system() function in tEPSS 1.3%CVE-2023-1000MEDIUMcyanomiko dcnnt-py Notification notifications.py main command injectionEPSS 1.3%