Code Injection

Category: web | Typical severity: CRITICAL

Code injection occurs when an application accepts user input and passes it directly into a language interpreter or evaluator without proper sanitization.

How It Works

Unlike command injection (which targets the OS shell), code injection exploits the application's own scripting engine: Python's eval(), PHP's eval(), JavaScript's eval(), Ruby's instance_eval(), or similar dynamic execution functions. The attacker crafts input that, when interpreted, executes arbitrary code within the application's runtime context.

Common attack vectors include server-side template engines where user input reaches expression evaluators, configuration files that are dynamically loaded and executed, code validators that ironically execute the code they're supposed to check, and endpoints that process serialized objects or callable definitions. In Python applications, decorators evaluated at class definition time present particularly dangerous targets since they execute before any runtime validation occurs.

The exploitation chain typically begins with identifying an endpoint that processes structured input—API parameters, file uploads, configuration snippets. The attacker then crafts payloads that break out of intended data contexts into executable code contexts. For instance, injecting @os.system('whoami') as a decorator definition, or embedding {{ ''.__class__.__mro__[1].__subclasses__() }} in template syntax to access Python internals and escalate to operating system commands.

Impact

  • Complete server compromise — execute arbitrary Python, PHP, Ruby, or JavaScript code with application privileges
  • Operating system command execution — break out from language runtime to system shell via subprocess calls
  • Data exfiltration — read database credentials, environment variables, source code, and business data
  • Persistence establishment — modify application files, inject backdoors, create scheduled tasks
  • Lateral movement — leverage server access to attack internal network resources and connected services

Real-World Examples

A critical vulnerability in Langflow, a popular AI workflow framework with over 50,000 GitHub stars, exposed an unauthenticated /api/v1/validate/code endpoint meant to check Python code safety. Attackers discovered they could inject malicious decorators into class definitions. Since Python evaluates decorators at class definition time (before the AST validation logic even ran), the payload executed immediately when passed to exec(). This provided complete remote code execution without authentication.

Web template engines frequently suffer from code injection when developers allow user content in template expressions. An attacker might inject {{7*7}} to test for evaluation, then escalate to {{config.items()}} to dump Flask configuration, ultimately reaching {{''.__class__.__bases__[0].__subclasses__()}} to navigate Python's object hierarchy and invoke system commands.

Configuration management systems that dynamically import or evaluate user-supplied configuration have enabled attackers to inject executable code disguised as YAML anchors, JSON with embedded expressions, or INI files with interpreted sections.

Mitigation

  • Eliminate dynamic code execution — refactor to use data-driven approaches instead of eval(), exec(), Function(), or similar constructs
  • Abstract Syntax Tree (AST) allowlisting — if code execution is unavoidable, parse input into AST and validate against a strict allowlist of permitted operations before execution
  • Sandboxed execution environments — use restricted interpreters (Python's RestrictedPython), containers, or separate processes with minimal privileges
  • Remove or authenticate debug/validation endpoints — code validators and test endpoints are prime targets
  • Input type enforcement — accept only serialized data formats (JSON, Protocol Buffers) that cannot contain executable code
  • Defense in depth — run application with minimal OS privileges, use network segmentation, monitor for unusual subprocess creation
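The following is an added example, not code from the original page or from any of the projects it lists. It shows the pattern described under "How It Works" (user input handed straight to eval(), where emptying __builtins__ does not stop the attribute walks mentioned above) beside the "Abstract Syntax Tree (AST) allowlisting" mitigation: the expression is parsed with Python's ast module and every node is checked against a strict allowlist before anything is evaluated. The function names (safe_eval, try_evaluate, evaluate_unsafe), the constants MAX_EXPRESSION_LENGTH and MAX_EXPONENT, and the sample expressions are all my own choices for the illustration. It goes slightly beyond the bullet point by also capping expression length and exponent size, since an allowlisted evaluator can still be abused for CPU exhaustion.

```python
"""Arithmetic/boolean expression evaluator hardened with an AST allowlist.

Added example (not from the original page). Assumed names: safe_eval,
try_evaluate, evaluate_unsafe, MAX_EXPRESSION_LENGTH, MAX_EXPONENT.
"""
import ast
import operator

MAX_EXPRESSION_LENGTH = 200  # cheap guard against pathological parser input
MAX_EXPONENT = 1000          # guard against 9**9**9-style CPU exhaustion


class UnsafeExpression(ValueError):
    """Raised when an expression uses anything outside the allowlist."""


# Only these node types may appear in the parsed tree. Attribute access,
# calls, subscripts, lambdas, comprehensions, strings etc. are all absent,
# so the object-hierarchy walks described on this page cannot be expressed.
ALLOWED_NODES = (
    ast.Expression, ast.Constant, ast.Name, ast.Load,
    ast.BinOp, ast.Add, ast.Sub, ast.Mult, ast.Div, ast.Mod, ast.Pow,
    ast.UnaryOp, ast.USub, ast.UAdd, ast.Not,
    ast.Compare, ast.Eq, ast.NotEq, ast.Lt, ast.LtE, ast.Gt, ast.GtE,
    ast.BoolOp, ast.And, ast.Or,
)
BIN_OPS = {ast.Add: operator.add, ast.Sub: operator.sub, ast.Mult: operator.mul,
           ast.Div: operator.truediv, ast.Mod: operator.mod, ast.Pow: operator.pow}
UNARY_OPS = {ast.USub: operator.neg, ast.UAdd: operator.pos, ast.Not: operator.not_}
CMP_OPS = {ast.Eq: operator.eq, ast.NotEq: operator.ne, ast.Lt: operator.lt,
           ast.LtE: operator.le, ast.Gt: operator.gt, ast.GtE: operator.ge}


def evaluate_unsafe(expression, variables):
    """The anti-pattern: eval() on user input. Blanking __builtins__ is not a
    fix; attribute chains starting from a plain constant still reach
    interpreter internals, as the page's template examples show."""
    return eval(expression, {"__builtins__": {}}, dict(variables))  # VULNERABLE


def validate(tree, variables):
    """Reject the tree unless every node is allowlisted, every name is a
    caller-supplied variable and every constant is numeric."""
    for node in ast.walk(tree):
        if not isinstance(node, ALLOWED_NODES):
            raise UnsafeExpression(f"disallowed syntax: {type(node).__name__}")
        if isinstance(node, ast.Name) and node.id not in variables:
            raise UnsafeExpression(f"unknown identifier: {node.id}")
        if isinstance(node, ast.Constant) and not isinstance(node.value, (int, float)):
            raise UnsafeExpression(f"disallowed constant: {node.value!r}")


def _eval(node, variables):
    """Interpret the validated tree directly; eval()/exec() are never called."""
    if isinstance(node, ast.Expression):
        return _eval(node.body, variables)
    if isinstance(node, ast.Constant):
        return node.value
    if isinstance(node, ast.Name):
        return variables[node.id]
    if isinstance(node, ast.BinOp):
        left = _eval(node.left, variables)
        right = _eval(node.right, variables)
        if isinstance(node.op, ast.Pow) and abs(right) > MAX_EXPONENT:
            raise UnsafeExpression("exponent too large")
        return BIN_OPS[type(node.op)](left, right)
    if isinstance(node, ast.UnaryOp):
        return UNARY_OPS[type(node.op)](_eval(node.operand, variables))
    if isinstance(node, ast.Compare):  # chained comparisons: 1 < x <= 5
        left = _eval(node.left, variables)
        for op, comparator in zip(node.ops, node.comparators):
            right = _eval(comparator, variables)
            if not CMP_OPS[type(op)](left, right):
                return False
            left = right
        return True
    if isinstance(node, ast.BoolOp):
        values = (_eval(v, variables) for v in node.values)
        return all(values) if isinstance(node.op, ast.And) else any(values)
    raise UnsafeExpression(f"unhandled node: {type(node).__name__}")  # defensive


def safe_eval(expression, variables):
    """Parse, validate against the allowlist, then interpret."""
    if len(expression) > MAX_EXPRESSION_LENGTH:
        raise UnsafeExpression("expression too long")
    try:
        tree = ast.parse(expression, mode="eval")
    except SyntaxError as exc:
        raise UnsafeExpression(f"syntax error: {exc.msg}") from None
    validate(tree, variables)
    return _eval(tree, variables)


def try_evaluate(expression, variables):
    """Return (True, value) or (False, reason) instead of raising."""
    try:
        return True, safe_eval(expression, variables)
    except UnsafeExpression as exc:
        return False, str(exc)


if __name__ == "__main__":
    # Constructed sample inputs: two legitimate formulas and three that the
    # allowlist must reject (one is the attribute walk quoted on this page).
    for expr in ("price * qty - 3", "1 < x <= 5 and not x == 3",
                 "''.__class__.__mro__[1].__subclasses__()", "9 ** 9 ** 9", "secret"):
        print(f"{expr!r:50} -> {try_evaluate(expr, {'price': 10, 'qty': 4, 'x': 4})}")
```

The important design point is that the hardened path never reaches eval(): after validation the tree is interpreted by `_eval`, so even a gap in the allowlist can at worst produce an unhandled-node error rather than execution. Division by zero propagates as a normal ZeroDivisionError and should be handled by the caller like any other input error.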

Recent CVEs (1083)

CVE-2025-33042
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Avro Java SDK when generating specific records from untrusted Avro schemas. This issue affects Apache Avro Java SDK: all versions through 1.11.4 and version 1.12.0. [CVSS 7.3 HIGH]

Apache Java Code Injection +2
NVD
CVE-2026-26056
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Arbitrary code execution in Yoke's Air Traffic Controller component allows authenticated users with CustomResource create/update permissions to execute malicious WebAssembly modules by injecting crafted URLs into the overrides.yoke.cd/flight annotation, potentially enabling cluster-admin privilege escalation. The vulnerability affects Yoke 0.19.0 and earlier, with no patch currently available and an 8.8 CVSS severity rating.

Kubernetes RCE Code Injection +1
NVD GitHub
CVE-2026-25996
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

String filter bypass in Inspektor Gadget Kubernetes eBPF tooling before fix. Insufficient string escaping enables filter injection. PoC and patch available.

Kubernetes Code Injection Inspektor Gadget +1
NVD GitHub
CVE-2026-25227
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

Code injection in authentik identity provider from 2021.3.1 through multiple versions. Users with delegated permissions can inject code. Patch available.

RCE Code Injection Authentik
NVD GitHub
CVE-2025-63421
EPSS 0% CVSS 7.8
HIGH This Week

An issue in filosoft Comerc.32 Commercial Invoicing v.16.0.0.3 allows a local attacker to execute arbitrary code via the comeinst.exe file [CVSS 7.8 HIGH]

RCE Code Injection
NVD
CVE-2026-26234
EPSS 0% CVSS 8.8
HIGH POC This Week

Smart Visu Server Firmware contains a vulnerability that allows attackers to override request URLs by injecting arbitrary values in the X-Forwarded-Host head (CVSS 8.8).

Code Injection Smart Visu Server Firmware
NVD
CVE-2026-0969
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Authenticated attackers can execute arbitrary code through next-mdx-remote's MDX compiler due to inadequate input validation in the serialization function, affecting applications processing untrusted MDX content. An authenticated user with access to compile MDX can inject and execute malicious code with full system privileges. No patch is currently available, leaving all versions vulnerable to this critical code execution risk.

RCE Code Injection
NVD
CVE-2025-57707
EPSS 0% CVSS 8.8
HIGH This Week

An improper neutralization of directives in statically saved code ('Static Code Injection') vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to access restricted data / files. [CVSS 8.8 HIGH]

Code Injection File Station
NVD
CVE-2025-30269
EPSS 0% CVSS 8.1
HIGH This Week

A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data or modify memory. [CVSS 8.1 HIGH]

Code Injection Qsync Central
NVD
CVE-2026-21537
EPSS 0% CVSS 8.8
HIGH This Week

Microsoft Defender for Endpoint on Linux contains a code injection vulnerability that enables adjacent network attackers to execute arbitrary code without authentication. The flaw affects multiple platforms and carries high severity (CVSS 8.8) with no patch currently available. An attacker on the local network could achieve complete system compromise through this unauthenticated attack vector.

Microsoft Linux Code Injection +1
NVD
CVE-2026-21229
EPSS 0% CVSS 8.0
HIGH This Week

Improper input validation in Power BI allows an authorized attacker to execute code over a network. [CVSS 8.0 HIGH]

Code Injection Power Bi Report Server
NVD
CVE-2025-13064
EPSS 0% CVSS 4.5
MEDIUM This Month

A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that has been tampered with. [CVSS 4.5 MEDIUM]

Code Injection Camera Station Pro
NVD
CVE-2026-25807
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

Unauthenticated remote code execution in Zai Shell prior to 9.0.3 via the unprotected P2P terminal sharing feature on port 5757, where attackers can inject arbitrary system commands that execute with user privileges if approved. Public exploit code exists for this vulnerability, and affected systems running --no-ai mode completely bypass safety checks during command execution. Update to version 9.0.3 to remediate.

RCE Code Injection Zai Shell
NVD GitHub
CVE-2026-1615
EPSS 0% CVSS 9.2
CRITICAL PATCH Act Now

jsonpath library before 1.2.0 has an arbitrary code injection vulnerability via unsafe use of eval-like constructs in JSONPath expressions.

Node.js RCE XSS +3
NVD GitHub VulDB
CVE-2026-25631
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Improper credential domain validation in n8n's HTTP Request node prior to version 1.121.0 enables authenticated attackers to redirect requests containing credentials to unintended domains, risking credential theft for users with wildcard domain patterns in their allowed domains configuration. The vulnerability requires valid authentication and has a low exploitation probability, with no public exploit currently available.

Code Injection N8n
NVD GitHub
CVE-2026-25587
EPSS 0% CVSS 10.0
CRITICAL POC PATCH Act Now

SandboxJS has a fourth CVSS 10.0 sandbox escape through Map's safe prototype being used as a gateway to inject arbitrary code.

Code Injection RCE Sandboxjs
NVD GitHub
CVE-2026-25725
EPSS 0% CVSS 10.0
CRITICAL PATCH Act Now

Claude Code prior to version 2.1.2 has a CVSS 10.0 sandbox escape in the bubblewrap sandboxing mechanism, allowing code execution outside the intended sandbox boundary.

Privilege Escalation Code Injection RCE +4
NVD GitHub VulDB
CVE-2026-25723
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Claude Code versions prior to 2.0.55 insufficiently validate piped sed commands, permitting authenticated users to circumvent file write protections and deposit files in restricted directories including .claude folders and locations outside project scope. An attacker with access to the "accept edits" feature can exploit this to write malicious content to sensitive areas of the system. A patch is available in version 2.0.55 and later.

Code Injection AI / ML Claude Code
NVD GitHub VulDB
CVE-2026-25722
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

Claude Code prior to version 2.0.57 failed to properly validate MCP tool inputs, allowing malicious MCP servers to inject commands through tool responses.

Code Injection AI / ML Claude Code
NVD GitHub
CVE-2019-25305
EPSS 0% CVSS 7.8
HIGH POC This Week

JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running with LocalSystem privileges. Attackers can exploit the unquoted path containing spaces to inject and execute malicious code with elevated system permissions. [CVSS 7.8 HIGH]

Code Injection
NVD Exploit-DB
CVE-2026-2008
EPSS 0% CVSS 6.3
MEDIUM POC This Month

Code injection in Fermat's eqn_chart function allows authenticated remote attackers to execute arbitrary code by manipulating equation arguments. Public exploit code exists for this vulnerability, and the developers have not yet released a patch despite early notification. The attack requires valid credentials but no user interaction, affecting all versions up to the latest rolling release commit.

Code Injection Fermat
NVD GitHub VulDB
CVE-2026-1977
EPSS 0% CVSS 6.3
MEDIUM This Month

Unauthenticated code injection in isaacwasserman mcp-vegalite-server's visualize_data function allows remote attackers with valid credentials to execute arbitrary code by manipulating the vegalite_specification parameter. Public exploit code exists for this vulnerability. No patch is currently available, and the project has not responded to early notification of the issue.

Code Injection
NVD GitHub VulDB
CVE-2025-70073
EPSS 0% CVSS 7.2
HIGH POC This Week

An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function [CVSS 7.2 HIGH]

RCE Code Injection Chestnutcms
NVD GitHub
CVE-2019-25287
EPSS 0% CVSS 7.8
HIGH POC This Week

WCAssistantService contains a vulnerability that allows attackers to potentially execute code with elevated privileges (CVSS 7.8).

Code Injection
NVD Exploit-DB
CVE-2019-25276
EPSS 0% CVSS 7.8
HIGH POC This Week

FactoryTalk Activation Service contains a vulnerability that allows attackers to potentially execute code with elevated privileges (CVSS 7.8).

Code Injection
NVD Exploit-DB
CVE-2026-25521
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

Locutus versions up to 2.0.39 are affected by improperly controlled modification of object prototype attributes (prototype pollution) (CVSS 8.8).

Code Injection Locutus Redhat
NVD GitHub
CVE-2026-25481
EPSS 0% CVSS 9.6
CRITICAL POC PATCH Act Now

Langroid LLM framework prior to 0.5 has a code injection vulnerability (CVSS 9.6) allowing attackers to execute arbitrary code through the AI agent system.

Code Injection AI / ML Langroid
NVD GitHub
CVE-2026-25049
EPSS 0% CVSS 9.9
CRITICAL PATCH Act Now

n8n workflow automation platform has an authenticated code execution vulnerability (CVSS 9.9) through improper runtime behavior modification, enabling server takeover.

RCE Remote Code Execution Command Injection +4
NVD GitHub
CVE-2026-24447
EPSS 0% CVSS 6.5
MEDIUM This Month

Malformed data processed by the affected product can be embedded in exported CSV files, which execute arbitrary code when opened by users due to improper input validation. Movable Type 7 and 8.4 series (both EOL) along with current versions are vulnerable to this code injection attack through user-initiated file downloads. An authenticated attacker can craft malicious input to compromise any user who downloads and opens the resulting CSV file.

Code Injection
NVD
CVE-2026-24149
EPSS 0% CVSS 7.8
HIGH This Week

Local code injection in NVIDIA Megatron-LM allows authenticated users to achieve arbitrary code execution and privilege escalation through malicious input to vulnerable scripts. An attacker with local access can craft specially designed data to trigger unsafe code evaluation, enabling complete system compromise including data theft and modification. No patch is currently available for this vulnerability affecting all supported platforms.

Privilege Escalation Code Injection Information Disclosure +1
NVD
CVE-2020-37101
EPSS 0% CVSS 7.8
HIGH POC This Week

VPN Unlimited 6.1 contains an unquoted service path vulnerability that allows local attackers to inject malicious executables into the service binary path. [CVSS 7.8 HIGH]

Code Injection
NVD Exploit-DB
CVE-2026-24936
EPSS 0% CVSS 9.8
CRITICAL Act Now

ASUSTOR ADM has an input validation vulnerability when joining AD Domain that allows unauthenticated attackers to compromise the NAS device.

Code Injection Data Master
NVD
CVE-2025-61652
EPSS 0%
Monitor

Vulnerability in Wikimedia Foundation DiscussionTools. This issue affects DiscussionTools: from * before 1.43.4, 1.44.1.

Code Injection
NVD
CVE-2026-24043
EPSS 0% CVSS 5.4
MEDIUM POC PATCH This Month

Jspdf versions up to 4.1.0 contain a vulnerability that allows attackers to inject arbitrary XML (CVSS 5.4).

Code Injection Jspdf Redhat
NVD GitHub
CVE-2026-1760
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

SoupServer's improper handling of HTTP requests combining Transfer-Encoding: chunked and Connection: keep-alive headers enables remote attackers to smuggle malicious requests over persistent connections without authentication. This HTTP request smuggling vulnerability can cause denial-of-service conditions and unintended request processing by exploiting the server's failure to properly close connections per RFC 9112. No patch is currently available.

Denial Of Service Code Injection Redhat +1
NVD
CVE-2020-37037
EPSS 0% CVSS 7.8
HIGH POC This Week

Avast SecureLine 5.5.522.0 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. [CVSS 7.8 HIGH]

Code Injection
NVD Exploit-DB
CVE-2026-25141
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Code injection in Orval TypeScript API client generator versions 7.19.0 to before 7.22.0. Generated client code may be vulnerable to injection through crafted OpenAPI specifications.

Code Injection Orval
NVD GitHub
CVE-2024-4027
EPSS 0% CVSS 7.5
HIGH PATCH This Week

A flaw was found in Undertow. Servlets using a method that calls HttpServletRequestImpl.getParameterNames() can cause an OutOfMemoryError when the client sends a request with large parameter names. [CVSS 7.5 HIGH]

Denial Of Service Code Injection Redhat
NVD
CVE-2026-25126
EPSS 0% CVSS 7.1
HIGH POC PATCH This Week

PolarLearn versions prior to 0-PRERELEASE-15 fail to validate the `direction` parameter in the forum vote API endpoint, allowing authenticated attackers to submit arbitrary values that bypass business logic and corrupt vote data. Public exploit code exists for this vulnerability. The issue affects authenticated users who can manipulate voting behavior through improper input validation.

Code Injection Polarlearn
NVD GitHub
CVE-2026-25117
EPSS 0%
Monitor

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit e33da14449a5abcff507e554f66e2141d6683b0a, missing sandboxing on `/workspace/*` routes allows challenge authors to inject arbitrary javascript which runs on the same origin as `http[:]//dojo[.]website`.

Code Injection
NVD GitHub
CVE-2026-1340
EPSS 51% 6.5 CVSS 9.8
CRITICAL POC KEV THREAT Emergency

Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that allows unauthenticated attackers to achieve remote code execution on the mobile device management server. Compromising the MDM server provides access to all managed mobile device configurations, policies, and potentially the ability to push malicious profiles to enrolled devices.

Ivanti RCE Code Injection
NVD VulDB
CVE-2026-1281
EPSS 65% 5.4 CVSS 9.8
CRITICAL KEV PATCH THREAT Act Now

Ivanti Endpoint Manager Mobile (EPMM) contains a critical code injection vulnerability (CVE-2026-1281, CVSS 9.8) that allows unauthenticated remote attackers to execute arbitrary code. With EPSS 64.8% and KEV listing, this vulnerability in the mobile device management platform threatens the security of every managed mobile device in the organization, as EPMM has the ability to push configurations, certificates, and apps to enrolled devices.

Ivanti RCE Code Injection +1
NVD VulDB
CVE-2025-69516
EPSS 43% CVSS 8.8
HIGH Act Now

A Server-Side Template Injection (SSTI) vulnerability in the /reporting/templates/preview/ endpoint of Amidaware Tactical RMM, affecting versions equal to or earlier than v1.3.1, allows low-privileged users with Report Viewer or Report Manager permissions to achieve remote command execution on the server. [CVSS 8.8 HIGH]

Code Injection Tactical Rmm
NVD GitHub
CVE-2025-15545
EPSS 0% CVSS 6.8
MEDIUM POC This Month

The backup restore function does not properly validate unexpected or unrecognized tags within the backup file. When such a crafted file is restored, the injected tag is interpreted by a shell, allowing execution of arbitrary commands with root privileges. [CVSS 6.8 MEDIUM]

Code Injection Archer Re605x Firmware
NVD
CVE-2020-37016
EPSS 0% CVSS 7.8
HIGH POC This Week

BarcodeOCR 19.3.6 contains an unquoted service path vulnerability that allows local attackers to execute code with elevated privileges during system startup. [CVSS 7.8 HIGH]

Code Injection
NVD Exploit-DB
CVE-2026-24888
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

Maker.js versions up to 0.19.1 improperly validate object properties in the `extendObject` function, allowing inherited and malicious properties to be copied to target objects without filtering. Applications using the library are vulnerable to property injection attacks, and public exploit code exists for this vulnerability. A patch is available in version 0.19.2.

Code Injection Maker.Js
NVD GitHub
CVE-2026-24856
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Arbitrary code execution in iccDEV versions before 2.3.1.2 occurs when malformed ICC color profiles containing NaN floating-point values are parsed, causing undefined behavior during type conversion that corrupts memory structures. Local attackers can exploit this by crafting malicious ICC profiles that applications process, and public exploit code exists for this vulnerability. The issue affects any system using the iccDEV library to handle ICC profile data, with a patch available in version 2.3.1.2.

RCE Code Injection Iccdev
NVD GitHub
CVE-2026-24766
EPSS 0% CVSS 4.9
MEDIUM POC PATCH This Month

Prototype pollution in NocoDB's connection test endpoint allows authenticated org-level creators to disrupt all database write operations application-wide until server restart, with public exploit code available. Although the vulnerability can bypass SUPER_ADMIN authorization checks, the resulting denial of service prevents actual exploitation of elevated privileges. The issue affects versions prior to 0.301.0 with no patch currently available.

Code Injection Nocodb
NVD GitHub
CVE-2020-36962
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Tendenci 12.3.1 has a CSV formula injection in the contact form message field enabling code execution when administrators export and open data in spreadsheet applications.

Code Injection Tendenci
NVD GitHub Exploit-DB
CVE-2026-1536
EPSS 0% CVSS 5.8
MEDIUM POC PATCH This Month

HTTP header injection in libsoup through CRLF sequences in the Content-Disposition header allows unauthenticated remote attackers to inject arbitrary headers or split responses without user interaction. Public exploit code exists for this vulnerability. The flaw affects any application using vulnerable versions of libsoup to process untrusted HTTP headers, with no patch currently available.

Code Injection Redhat Suse
NVD VulDB
CVE-2025-69517
EPSS 0% CVSS 8.8
HIGH This Week

An HTML injection vulnerability in Amidaware Inc Tactical RMM v1.3.1 and earlier allows authenticated users to inject arbitrary HTML content during the creation of a new agent via the POST /api/v3/newagent/ endpoint. The agent_id parameter accepts up to 255 characters and is improperly sanitized using DOMPurify.sanitize() with the html: true option enabled, which fails to adequately filter HTML input. The injected HTML is rendered in the Tactical RMM management panel when an administrator att...

RCE Code Injection
NVD GitHub
CVE-2025-61140
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

jsonpath library 1.1.1 has a prototype pollution vulnerability in the value function that allows attackers to modify JavaScript object prototypes and potentially achieve RCE.

Code Injection Jsonpath Redhat +1
NVD GitHub
CVE-2020-36987
EPSS 0% CVSS 7.8
HIGH POC This Week

PACService.exe contains a vulnerability that allows attackers to execute code with elevated privileges (CVSS 7.8).

Code Injection
NVD Exploit-DB
CVE-2020-36984
EPSS 0% CVSS 7.8
HIGH POC This Week

SENADB service contains a vulnerability that allows attackers to execute code with elevated system privileges (CVSS 7.8).

Code Injection
NVD Exploit-DB
CVE-2025-59895
EPSS 0% CVSS 7.5
HIGH This Week

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service (DoS) vulnerability in the configuration restore functionality. The issue is due to insufficient validation of user-supplied data during this process. [CVSS 7.5 HIGH]

Denial Of Service Code Injection Syncbreeze +1
NVD
CVE-2025-33234
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA runx contains a vulnerability where an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

Denial Of Service Privilege Escalation Code Injection +2
NVD
CVE-2026-24871
EPSS 0%
This Week

Improper Control of Generation of Code ('Code Injection') vulnerability in pilgrimage233 Minecraft-Rcon-Manage. This issue affects Minecraft-Rcon-Manage: before 3.0.

Code Injection
NVD GitHub
CVE-2021-47901
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Dirsearch 0.4.1 has CSV injection in scan reports.

Code Injection
NVD GitHub Exploit-DB
CVE-2020-36941
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Knockpy 4.1.1 has CSV injection in subdomain scan exports.

Code Injection
NVD GitHub Exploit-DB VulDB
CVE-2026-24347
EPSS 0% CVSS 5.3
MEDIUM This Month

Ezcast Pro Dongle Ii Firmware versions up to 1.17478.146 are affected by improper input validation (CVSS 5.3).

Code Injection Ezcast Pro Dongle Ii Firmware
NVD
CVE-2026-24811
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

ROOT data analysis framework has an input validation vulnerability in zlib modules enabling code execution through crafted data files.

Code Injection Root
NVD GitHub
CVE-2026-24806
EPSS 0%
This Week

Improper Control of Generation of Code ('Code Injection') vulnerability in liuyueyi quick-media (plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules). This vulnerability is associated with program files PNGImageEncoder.Java.

Apache Java Code Injection
NVD GitHub
CVE-2020-36957
EPSS 0% CVSS 7.8
HIGH POC This Week

PDF Complete 3.5.310.2002 contains an unquoted service path vulnerability in its pdfsvc.exe service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges. [CVSS 7.8 HIGH]

Code Injection
NVD Exploit-DB
CVE-2025-41082
EPSS 0%
Monitor

Illegal HTTP request traffic vulnerability (CL.0) in Altitude Communication Server, caused by inconsistent analysis of multiple HTTP requests over a single Keep-Alive connection using Content-Length headers.

Code Injection
NVD
CVE-2020-36933
EPSS 0% CVSS 7.8
HIGH POC This Week

HTC IPTInstaller 4.0.9 contains an unquoted service path vulnerability in the PassThru Service configuration. Attackers can exploit the unquoted binary path to inject and execute malicious code with elevated LocalSystem privileges. [CVSS 7.8 HIGH]

Code Injection
NVD Exploit-DB
CVE-2026-24411
EPSS 0% CVSS 7.1
HIGH POC PATCH This Week

iccDEV versions 2.3.1.1 and earlier contain unsafe handling of user-supplied input in the CIccTagXmlSegmentedCurve::ToXml() function, enabling remote attackers to trigger undefined behavior in ICC profile parsing. Public exploit code exists for this vulnerability, which can lead to denial of service, data manipulation, or arbitrary code execution. Upgrade to version 2.3.1.2 to remediate.

Denial Of Service RCE Code Injection +1
NVD GitHub
CVE-2026-24407
EPSS 0% CVSS 7.1
HIGH POC PATCH This Week

iccDEV versions 2.3.1.1 and earlier allow remote attackers to trigger undefined behavior in the icSigCalcOp() function through malicious ICC color profiles, enabling denial of service, data manipulation, or potential code execution. The vulnerability stems from unsafe handling of user-controllable input in binary profile data, and public exploit code exists. Affected organizations should upgrade to version 2.3.1.2 or later.

Denial Of Service RCE Code Injection +1
NVD GitHub
CVE-2026-22583
EPSS 0% CVSS 9.8
CRITICAL Act Now

Argument injection in Salesforce Marketing Cloud Engagement CloudPagesURL component. Second Salesforce Marketing Cloud CVE with same root cause.

Code Injection Marketing Cloud Engagement
NVD
CVE-2026-22582
EPSS 0% CVSS 9.8
CRITICAL Act Now

Argument injection in Salesforce Marketing Cloud Engagement MicrositeURL component allows command execution. First of four critical Salesforce Marketing Cloud CVEs.

Code Injection Marketing Cloud Engagement
NVD
CVE-2026-24474
EPSS 0%
This Week

Dioxus Components is a shadcn-style component library for the Dioxus app framework. Prior to commit 41e4242ecb1062d04ae42a5215363c1d9fd4e23a, `use_animated_open` formats a string for `eval` with an `id` that can be user supplied.

RCE Code Injection
NVD GitHub
CVE-2026-24140
EPSS 0% CVSS 2.7
LOW POC PATCH Monitor

MyTube is a self-hosted downloader and player for several video websites. Versions 1.7.78 and below have a Mass Assignment vulnerability in the settings management functionality due to insufficient input validation. The application's saveSettings() function accepts arbitrary key-value pairs without validating property names against allowed settings. The function uses Record<string, any> as input type and iterates over all entries using Object.entries() without filtering unauthorized propertie...

Code Injection
NVD GitHub
CVE-2026-1299
EPSS 0%
Monitor

The email module, specifically the "BytesGenerator" class, didn't properly quote newlines for email headers when serializing an email message, allowing for header injection when an email is serialized.

Code Injection
NVD GitHub VulDB
CVE-2026-0771
EPSS 0% CVSS 7.1
HIGH This Week

Langflow's PythonFunction component allows authenticated attackers with user interaction to inject and execute arbitrary Python code within application workflows, achieving remote code execution. The vulnerability affects Langflow deployments using Python-based AI/ML components, with exploitation feasibility depending on specific product configurations. No patch is currently available.

Python RCE Code Injection +2
NVD
CVE-2026-0768
EPSS 3% CVSS 9.8
CRITICAL Act Now

Langflow has a code injection vulnerability in the code component (EPSS 2.6%) enabling remote code execution through the visual AI workflow builder.

Python RCE Code Injection +2
NVD
CVE-2026-0761
EPSS 3% CVSS 9.8
CRITICAL Act Now

MetaGPT has a code injection vulnerability in actionoutput_str_to_mapping (EPSS 2.6%) allowing remote attackers to execute arbitrary code through crafted AI agent output processing.

Python RCE Code Injection +2
NVD
CVE-2026-23953
EPSS 0% CVSS 8.7
HIGH POC PATCH This Week

Incus contains a vulnerability that allows attackers to add arbitrary lifecycle hooks, ultimately resulting in arbitrary command execution (CVSS 8.7).

Code Injection Incus Suse
NVD GitHub
CVE-2026-22469
EPSS 0% CVSS 5.3
MEDIUM This Month

DeepDigital versions 1.0.2 and earlier fail to properly sanitize HTML script tags, enabling stored or reflected cross-site scripting (XSS) attacks that allow code injection. An unauthenticated attacker can exploit this vulnerability over the network to inject malicious scripts that execute in users' browsers, potentially compromising session data or performing unauthorized actions. No patch is currently available for affected installations.

Code Injection
NVD
CVE-2025-69319
EPSS 0% CVSS 7.5
HIGH This Week

Improper Control of Generation of Code ('Code Injection') vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Code Injection. This issue affects Beaver Builder: from n/a through <= 2.9.4.1. [CVSS 7.5 HIGH]

Code Injection
NVD
CVE-2025-69001
EPSS 0% CVSS 5.3
MEDIUM This Month

Improper Control of Generation of Code ('Code Injection') vulnerability in Shahjahan Jewel FluentForm fluentform allows Code Injection. This issue affects FluentForm: from n/a through <= 6.1.11. [CVSS 5.3 MEDIUM]

Code Injection
NVD
CVE-2025-68015
EPSS 0% CVSS 9.0
CRITICAL Act Now

Event Tickets with Ticket Scanner WordPress plugin has a code injection vulnerability allowing remote code execution through the event management system.

Code Injection RCE
NVD
CVE-2025-67944
EPSS 0% CVSS 9.1
CRITICAL Act Now

Nelio AB Testing WordPress plugin has a code injection vulnerability allowing attackers to execute arbitrary code through the A/B testing functionality.

Code Injection
NVD
CVE-2025-47600
EPSS 0% CVSS 6.1
MEDIUM This Month

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in xtemos WoodMart woodmart allows Code Injection. This issue affects WoodMart: from n/a through <= 8.3.7. [CVSS 6.1 MEDIUM]

Code Injection XSS
NVD
CVE-2025-13465
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Lodash versions up to 4.17.22 are affected by improperly controlled modification of object prototype attributes (prototype pollution) (CVSS 5.3).

Code Injection Lodash Redhat +1
NVD GitHub
CVE-2021-47883
EPSS 0% CVSS 7.8
HIGH POC This Week

SbieSvc service contains a vulnerability that allows attackers to execute code with elevated privileges (CVSS 7.8).

Code Injection
NVD Exploit-DB
CVE-2021-47879
EPSS 0% CVSS 7.8
HIGH POC This Week

eBeam Stylus Driver service contains a vulnerability that allows attackers to potentially execute code with elevated privileges (CVSS 7.8).

Code Injection
NVD Exploit-DB
CVE-2021-47878
EPSS 0% CVSS 7.8
HIGH POC This Week

eBeam Device Service contains a vulnerability that allows attackers to potentially execute code with elevated privileges (CVSS 7.8).

Code Injection
NVD Exploit-DB
CVE-2021-47868
EPSS 0% CVSS 7.8
HIGH POC This Week

WPCommandFileService contains a vulnerability that allows attackers to potentially execute code with elevated privileges (CVSS 7.8).

Code Injection
NVD Exploit-DB
CVE-2021-47867
EPSS 0% CVSS 7.8
HIGH POC This Week

ScheduleService contains a vulnerability that allows attackers to potentially execute code with elevated system privileges (CVSS 7.8).

Code Injection
NVD Exploit-DB
CVE-2021-47866
EPSS 0% CVSS 7.8
HIGH POC This Week

GuardTourService contains a vulnerability that allows attackers to potentially execute code with elevated system privileges (CVSS 7.8).

WordPress Code Injection
NVD Exploit-DB
CVE-2021-47864
EPSS 0% CVSS 7.8
HIGH POC This Week

OSAS Traverse Extension 11 contains an unquoted service path vulnerability in the TravExtensionHostSvc service running with LocalSystem privileges. [CVSS 7.8 HIGH]

Code Injection
NVD Exploit-DB

Quick Facts

Typical Severity: CRITICAL
Category: web
Total CVEs: 1083
