Fallos del tipo CWE-78
3885 resultadosCVE-2026-7461HIGHOS Command Injection in Amazon ECS Agent via FSx Windows File Server Volume CredentialsEPSS 0.5%CVE-2026-44604HIGHRpm: command injection in rpmuncompress dountar() via unescaped archive top-level directory name in popen() shell commandEPSS 0.5%CVE-2026-32968CRITICALUnauthenticated RCE in com_mb24sysapiEPSS 0.5%CVE-2024-27778HIGHAn improper neutralization of special elements used in an OS Command vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 4.4.0 thrEPSS 0.5%CVE-2026-34937HIGHPraisonAI: Shell Injection in run_python() via Unescaped $() SubstitutionEPSS 0.5%CVE-2025-30044CRITICALRCE on uhcapache user permissionsEPSS 0.5%CVE-2025-40949HIGHA vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEEPSS 0.5%CVE-2026-41497CRITICALIncomplete fix for CVE-2026-34935: Command Injection in MervinPraison/PraisonAIEPSS 0.5%CVE-2024-38641HIGHQTS, QuTS heroEPSS 0.5%CVE-2025-43885HIGHDell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Improper Neutralization of Special Elements used in an OS EPSS 0.5%CVE-2025-0127HIGHPAN-OS: Authenticated Admin Command Injection Vulnerability in PAN-OS VM-SeriesEPSS 0.5%CVE-2026-34109CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in speech.phpEPSS 0.5%CVE-2026-22708HIGHCursor has a Terminal Tool Allowlist Bypass via Environment VariablesEPSS 0.5%CVE-2024-49565HIGHDell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command InjectionEPSS 0.5%CVE-2026-34117CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in text_to_subtitles.phpEPSS 0.5%CVE-2026-34115CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in transcribe_amazon.phpEPSS 0.5%CVE-2024-49564HIGHDell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command InjectionEPSS 0.5%CVE-2026-34113CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in speech_text.phpEPSS 0.5%CVE-2026-34114CRITICALGuardian Language-System Unauthenticated OS Command Injection via id Parameter in translate_text.phpEPSS 0.5%CVE-2025-24380HIGHDell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command InjectionEPSS 0.5%