Falhas do tipo CWE-917
49 resultadosCVE-2024-4286MEDIUMImproper Neutralization of Special Elements in mintplex-labs/anything-llmEPSS 0.4%CVE-2026-41705HIGHSpring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs.
SprinEPSS 0.4%CVE-2026-41717HIGHSpring Data MongoDB - SpEL Expression Injection via Annotated Query Parameter BindingEPSS 0.3%CVE-2026-26462HIGHOffline Hospital Management System 5.3.0 allows remote code execution due to an improper Electron renderer configuration. The application enEPSS 0.3%CVE-2023-42658HIGHInSpec Archive Command Vulnerable to Maliciously Crafted ProfileEPSS 0.3%CVE-2026-40985MEDIUMData Binding Vulnerability in Spring Web Flow with Unified EL ParserEPSS 0.2%CVE-2024-9672MEDIUMReflected XSS in PaperCut MFEPSS 0.2%CVE-2026-41719MEDIUMSpring Data KeyValue - SpEL Injection vulnerability in SpelPropertyComparatorEPSS 0.2%CVE-2026-28201HIGHSurrealDB Injection on Open NotebookEPSS 0.1%