Skip to main content

OS Command Injection

web CRITICAL

OS command injection occurs when an application passes unsanitized user input directly into system shell commands.

How It Works

OS command injection occurs when an application passes unsanitized user input directly into system shell commands. Instead of treating input as pure data, the shell interprets special characters as command separators or modifiers, allowing attackers to append arbitrary commands. Common injection points include system(), exec(), popen(), and backtick operators in languages like PHP, Python, and Ruby.

Attackers exploit shell metacharacters to break out of the intended command context. On both Unix and Windows, semicolons (;), pipes (|), and logical operators (&&, ||) chain multiple commands. Unix shells additionally interpret backticks and $() for command substitution, while newlines can also separate statements. For example, if an application executes ping -c 4 $USER_IP, an attacker supplying 8.8.8.8; cat /etc/passwd causes the server to run two commands sequentially.

Attacks manifest in three variants. Visible injection returns command output in the HTTP response, giving immediate feedback. Blind injection produces no direct output, requiring time-based detection (using sleep or timeout commands) or out-of-band confirmation via DNS lookups or HTTP callbacks to attacker-controlled servers. Attackers can also redirect output to web-accessible files for later retrieval.

Impact

  • Complete server compromise — execute any command with the application's privileges, often www-data or root
  • Lateral movement — scan internal networks, pivot to backend systems unreachable from the internet
  • Data exfiltration — dump databases, read configuration files containing credentials, access sensitive business data
  • Persistence mechanisms — install cron jobs, add SSH keys, deploy web shells for continued access
  • Denial of service — crash services, fill disk space, consume CPU resources
  • Supply chain attacks — modify application code or deployment artifacts to compromise downstream users

Real-World Examples

The Ivanti Cloud Service Appliance suffered CVE-2024-8190, where command injection in the administrative interface allowed unauthenticated attackers to execute arbitrary OS commands. CISA added it to the Known Exploited Vulnerabilities catalog after observing active exploitation against enterprise networks.

GitLab experienced multiple command injection vulnerabilities over the years, including issues in repository import functionality where Git URLs containing shell metacharacters were passed unsanitized to system commands, enabling remote code execution on self-hosted instances.

Network equipment frequently contains these flaws. Various Netgear routers have exhibited command injection in ping diagnostic tools, where user-supplied IP addresses were concatenated directly into shell commands without validation, granting attackers complete device control.

Mitigation

  • Eliminate OS commands entirely — use native language libraries (filesystem APIs, network functions) instead of shelling out
  • Strict input allowlisting — permit only exact matches against predefined values; validate format with regex before any processing
  • Parameterized execution APIs — use execve() or language equivalents that pass arguments as arrays, bypassing the shell interpreter completely
  • Principle of least privilege — run application processes with minimal permissions to limit compromise impact
  • Input validation — enforce expected patterns (IP addresses, alphanumeric IDs) but never rely on blacklisting metacharacters

Recent CVEs (7742)

EPSS 0% CVSS 7.8
HIGH PATCH This Week

Command injection in the Warp agentic development environment (Linux builds 0.2024.02.20.08.01.stable_01 through pre-0.2026.05.06.15.42.stable_01) lets an attacker run arbitrary shell commands as the local user when a victim opens a maliciously named file through an affected external or system-default editor route. Warp expanded freedesktop .desktop Exec templates and passed the result to a shell, so shell metacharacters embedded in a file path are interpreted rather than treated as data. There is no public exploit identified at time of analysis and the issue is not in CISA KEV; impact is high (CVSS 7.8) but requires local context and user interaction.

Command Injection Warp
NVD GitHub
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Command injection in Warp's legacy SSH background command path lets an attacker-controlled remote host inject shell syntax that runs as the victim's authenticated SSH account. Affecting Warp from 0.2023.03.21.08.02.stable_00 up to (but not including) 0.2026.05.06.15.42.stable_01, the flaw stems from the terminal trusting the remote working directory, repository, or directory name reported by an SSH session when assembling helper commands for metadata collection. No public exploit identified at time of analysis, though the fix commit ships regression tests that demonstrate the breakout; not listed in CISA KEV and no EPSS provided.

Command Injection Warp
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Terminal lifecycle hook spoofing in Warp versions prior to 0.2026.05.06.15.42.stable_01 allows an attacker who controls terminal output viewed by a victim to inject unauthenticated shell integration hooks into the PTY stream, causing Warp to accept falsified session metadata - including spoofed current working directory and SSH session transport parameters. Exploitation requires user interaction (the victim must view attacker-controlled terminal content in Warp), and no public exploit code has been identified at time of analysis. The CVSS-assigned availability impact (A:L) and absence of integrity impact (I:N) appear inconsistent with the described spoofing behavior; session state falsification is the primary operational concern for affected users.

Command Injection Warp
NVD GitHub
EPSS 0% CVSS 7.7
HIGH PATCH This Week

OS command injection in Warp (the agentic terminal/development environment) affects builds from 0.2024.03.12.08.02.stable_01 up to the fix in 0.2026.05.06.15.42.stable_01 when running under Windows Subsystem for Linux. When wslview cannot open a URL, Warp falls back to a Windows command processor (cmd.exe /c start), so a malicious URL emitted into terminal output executes attacker-controlled Windows commands once the user clicks the link. No public exploit identified at time of analysis and the issue is not in CISA KEV, but the fix commit clearly documents the injection path.

Command Injection Microsoft Warp
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

OS command injection in Warp's AI Agent code-search tooling allows attacker-controlled inputs to escape read-only search operations and execute arbitrary shell commands in the user's terminal. Affected builds from 0.2025.04.09.08.11.stable_00 up to 0.2026.05.06.15.42.stable_01 implement the Grep and FileGlob actions — which the Agent's command-execution policy authorizes only as read/search — by concatenating Agent-supplied search text, paths, and glob patterns into unquoted shell command strings. There is no public exploit identified at time of analysis, though the vendor fix commit and its regression tests publicly demonstrate the injection technique (e.g. a $(touch /tmp/warp-poc) payload).

Command Injection Warp
NVD GitHub
EPSS 0% CVSS 10.0
CRITICAL PATCH Act Now

Pre-sandbox host-level code execution in Google Gemini CLI (versions prior to 0.39.1) and the run-gemini-cli GitHub Action (prior to 0.1.22) allows an unprivileged attacker to run arbitrary commands on CI/CD runner hosts by planting a malicious .gemini/.env file in an untrusted workspace. In headless mode the tool automatically trusted workspace folders and loaded their environment variables before sandboxing, so a workflow that processes attacker-controlled content (for example reviewing a submitted pull request) would execute attacker-supplied commands on the host. No public exploit has been identified at time of analysis, but Google rates this CVSS 4.0 10.0 and a vendor advisory (GHSA-wpqr-6v78-jr5g) with fixed releases is available.

Command Injection RCE Google +2
NVD GitHub VulDB
EPSS 0% CVSS 5.0
MEDIUM This Month

Jenkins Git client Plugin 6.6.0 and earlier does not correctly escape the workspace directory name when it is embedded into a generated SSH wrapper script, allowing attackers able to control the name of a build's working directory to execute arbitrary operating system commands on the agent.

Jenkins Jenkins Git Client Plugin Command Injection
NVD VulDB
EPSS 2% CVSS 9.1
CRITICAL Act Now

Remote OS command injection in GeoVision GV-I/O Box 4E firmware 2.09 allows attackers with high privileges to execute arbitrary shell commands by sending crafted network packets to the DVRSearch service or Network.cgi endpoint. The flaw lives in libNetSetObj.so where DNS configuration values are concatenated into a shell command string and passed to system() without sanitization. No public exploit identified at time of analysis, but the vendor advisory and a Talos vulnerability report are published.

Command Injection Gv I O Box 4E
NVD VulDB
EPSS 2% CVSS 9.1
CRITICAL Act Now

OS command injection in GeoVision GV-I/O Box 4E firmware 2.09 allows authenticated remote attackers to execute arbitrary shell commands via unsanitized gateway address input passed to system() inside libNetSetObj.so. The flaw is reachable through both the network-exposed DVRSearch service and the Network.cgi endpoint, granting full device compromise. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Command Injection Gv I O Box 4E
NVD VulDB
EPSS 2% CVSS 9.1
CRITICAL Act Now

OS command injection in GeoVision GV-I/O Box 4E firmware 2.09 allows attackers who can reach the device's network services to execute arbitrary shell commands via unsanitised netmask input passed to system() inside libNetSetObj.so. The flawed CNetSetObj::m_F_n_Set_Net_Mask routine is reachable through both the network-exposed DVRSearch service and the Network.cgi endpoint, yielding code execution in the context of the configuration daemon. No public exploit identified at time of analysis, but the Talos report provides full reverse-engineered detail that materially lowers the barrier to weaponisation.

Command Injection Gv I O Box 4E
NVD VulDB
EPSS 2% CVSS 9.1
CRITICAL Act Now

OS command injection in GeoVision GV-I/O Box 4E firmware 2.09 allows remote attackers with high privileges to execute arbitrary shell commands by sending crafted network packets to the libNetSetObj.so library via the DVRSearch service or Network.cgi endpoint. The flaw stems from unsanitized attacker-controlled IP address input passed directly to system() in CNetSetObj::m_F_n_Set_IP_Addr. No public exploit identified at time of analysis, though Talos Intelligence disclosed the issue with technical detail (TALOS-2026-2379).

Command Injection Gv I O Box 4E
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Week

Arbitrary OS command execution in the @rtk-ai/rtk-rewrite 1.0.0 OpenClaw plugin allows an attacker who can influence the exec tool's command parameter - for example through an LLM agent prompt or gateway/tool-call input - to run commands with the privileges of the plugin/gateway process. The flaw stems from unsanitized input being interpolated into a shell-backed execSync() template that /bin/sh -c expands, letting $() and backtick substitutions fire before rtk runs. SSVC lists a proof-of-concept as available, though EPSS is low (0.23%, 14th percentile) and it is not in CISA KEV.

Command Injection Rtk
NVD GitHub VulDB
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Command injection in mise's GitHub credential resolver executes attacker-controlled shell commands on the victim developer's machine when a malicious `.mise.toml` is placed in a repository and no higher-priority GitHub token environment variable is set. Versions v2026.3.15 through v2026.3.17 (and all releases up to < 2026.6.4) pass `github.credential_command` from untrusted local project config directly to `sh -c` without any trust verification. A working proof-of-concept is confirmed per GHSA-29hf-rm4x-xxph on Docker linux-arm64; no CISA KEV listing at time of analysis, but POC availability elevates practical risk above the moderate CVSS base score.

Command Injection Docker
NVD GitHub VulDB
EPSS 0% CVSS 8.6
HIGH PATCH This Week

Arbitrary command execution in mise versions prior to 2026.6.4 allows attacker-controlled repositories to run commands the moment a victim lists or tab-completes a task. The trust gate only fires inside config-file parsers (`mise.toml`, `.tool-versions`), so a repo that ships a `mise-tasks/` (or `.mise/tasks/`) directory without any config file bypasses the prompt entirely, and the Tera `exec()` function registered in the rendering environment fires while tasks are merely enumerated. A public proof-of-concept is included in GHSA-77g9-363w-rccq; no CISA KEV entry exists at time of analysis.

Command Injection
NVD GitHub
CVSS 8.1
HIGH PATCH This Week

{, } and stripped doubled && but left the single & background operator intact at the same execAsync() sh -c sink. Publicly available exploit code exists (a PHP PoC harness is included in the advisory), but the vulnerability is not in CISA KEV at time of analysis.

Command Injection PHP
NVD GitHub
EPSS 1% CVSS 9.9
CRITICAL PATCH Act Now

Remote code execution in Gogs through 0.14.2 allows authenticated users (and unauthenticated attackers on default-configured instances with open registration) to execute arbitrary commands as the Gogs server process by crafting a pull request whose base branch name injects a `--exec` flag into the underlying `git rebase` invocation. A working Python proof-of-concept exists and has been validated end-to-end against Docker, Linux binary, and Windows installations, yielding shell access as the `git` user. No CISA KEV listing or EPSS data is provided, so this is treated as publicly available exploit code rather than confirmed active exploitation.

Command Injection Docker Apple +5
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH PATCH This Week

Authenticated remote code execution in NetComm NF20MESH routers running firmware R6B031 and earlier allows low-privileged authenticated attackers to gain full root-level OS control via OS command injection. The dalStorage_addUserAccount function unsafely concatenates attacker-supplied JSON username input into a shell command string executed by rut_doSystemAction without sanitization, enabling shell metacharacter injection. No public exploit identified at time of analysis and no CISA KEV listing, but a detailed public advisory from signal11.io documents the attack surface, and a vendor patch (implied R6B032) is available.

Command Injection RCE Nf20Mesh
NVD
EPSS 1% CVSS 9.2
CRITICAL PATCH Act Now

Command injection in ImageMagick's SVG decoder (coders/svg.c) lets attackers smuggle arbitrary MVG (Magick Vector Graphics) drawing commands inside an SVG file that execute when the image is rendered, affecting versions before 7.1.2-15 and 6.9.13-40 (and the Magick.NET bindings before 14.10.3). Because ImageMagick frequently processes untrusted, user-uploaded images on servers, a crafted SVG can achieve high-impact abuse of the internal MVG rendering pipeline. There is no public exploit identified at time of analysis and it is not on CISA KEV; EPSS is low at 0.91% (55th percentile), but SSVC flags exploitation as automatable.

Command Injection Imagemagick
NVD GitHub VulDB
EPSS 2% CVSS 8.7
HIGH POC PATCH This Week

Remote code execution in Flowise before 3.1.2 allows any authenticated user (or API caller with chatflow view/update permissions) to abuse the Custom MCP Server feature and run arbitrary OS commands on the host. The validateCommandFlags blocklist and validateArgsForLocalFileAccess regex are incomplete - for example 'docker build' is permitted and 'npx --yes' is permitted while only '-y' is blocked - letting attackers point Flowise at a hostile Dockerfile or local script to achieve full host compromise. Publicly available exploit code exists (the GHSA advisory ships a reproduction), though there is no public exploit identified at time of analysis in CISA KEV.

Command Injection Docker Flowise
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation via command injection in Glances 4.5.5_dev1 and earlier allows users with libvirt domain-creation rights to execute arbitrary commands as the Glances process owner (typically root on hypervisor hosts). The flaw lives in the KVM/QEMU monitoring plugin, where VM domain names parsed from `virsh list --all` are interpolated into command strings handled by `secure_popen()`, which intentionally treats `&&`, `|`, and `>` as control operators. No public exploit identified at time of analysis, but a detailed PoC accompanies the GHSA-v5r2-qh84-fjx5 advisory.

Command Injection Ubuntu Debian +3
NVD GitHub VulDB
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Command injection in TP-Link Archer and TL-MR series routers allows an adjacent unauthenticated attacker on the same broadcast domain to execute arbitrary commands with elevated privileges by supplying crafted DHCP option responses. The flaw resides in DHCP client option processing during device initialization and is most reliably triggered when the router is in factory-default or unconfigured state. No public exploit identified at time of analysis, but the vendor (TP-Link) has confirmed the issue and released firmware patches.

Command Injection TP-Link Archer Mr200 V07 +6
NVD VulDB
EPSS 3% CVSS 5.5
MEDIUM PATCH This Month

World-readable configuration file permissions in motionEye <= 0.43.1b4 expose the admin SHA1 password hash to any local user account on the host. The flaw affects both supported installation methods (manual and motioneye_init), making it a software default rather than a deployment error. Proof-of-concept code is publicly available in the vendor's GitHub Security Advisory; when chained with GHSA-45h7-499j-7ww3 (hash-as-signing-key authentication bypass) and CVE-2025-60787 (OS command injection requiring admin auth), a local unprivileged attacker can escalate to the Motion daemon user - often root - without any elevated privileges. No active exploitation is confirmed in CISA KEV at time of analysis.

Command Injection Authentication Bypass Information Disclosure +1
NVD GitHub
EPSS 1% CVSS 2.1
LOW Monitor

OS command injection in Coolify 4.0.0's Image Name Handler allows authenticated remote attackers to execute arbitrary operating system commands by manipulating image name inputs. Coolify is a self-hosted PaaS that orchestrates Docker deployments, making server-side command injection in its image handling pipeline particularly high-impact - the platform typically operates with Docker daemon privileges. Publicly available exploit code exists (CVSS 4.0 E:P, corroborated by a GitHub PoC writeup); no public confirmation of active exploitation is present, and no vendor response to the coordinated disclosure was received.

Command Injection Coolify
NVD VulDB GitHub
EPSS 1% CVSS 2.1
LOW POC Monitor

OS command injection in Comfast CF-WR631AX V3 firmware (versions 2.7.0.0 through 2.7.0.8) allows an authenticated remote attacker to execute arbitrary operating system commands by injecting shell metacharacters into the `destination` parameter of the ping configuration API endpoint at /cgi-bin/mbox-config?section=ping_config. A detailed public exploit analysis report is available on GitHub, materially lowering the exploitation barrier, though no CISA KEV listing confirms active in-the-wild campaigns at time of analysis. The vendor was notified prior to disclosure and did not respond, leaving all known firmware versions without a patch.

Command Injection Cf Wr631Ax V3
NVD VulDB GitHub
EPSS 1% CVSS 2.1
LOW POC Monitor

Command injection in the Edimax BR-6478AC V2 router (firmware 1.23) allows network-adjacent authenticated attackers to execute arbitrary OS commands via the `command` argument in POST requests to the `/goform/mp` endpoint. The vulnerability is rooted in insufficient input sanitization in the `mp` form handler, exposing the router's underlying OS to attacker-controlled commands. A public proof-of-concept exploit has been released and the vendor has not responded to disclosure, leaving no patch available - the device remains unmitigated at time of analysis.

Command Injection Br 6478Ac V2
NVD VulDB
EPSS 1% CVSS 2.1
LOW POC Monitor

Command injection in Edimax BR-6478AC V2 firmware 1.23 allows remote attackers with low-privilege credentials to execute arbitrary OS commands by embedding shell metacharacters in the `newpass` argument of POST requests to the `/goform/wiz_5in1_redirect` endpoint. A public proof-of-concept exploit exists and is referenced in the VulDB disclosure, making this straightforwardly reproducible. The vendor has not responded to coordinated disclosure, leaving no official patch available - a significant concern for a SOHO network gateway that sits at the perimeter of home and small-office networks.

Command Injection Br 6478Ac V2
NVD VulDB
EPSS 1% CVSS 2.1
LOW POC Monitor

Command injection in the Edimax BR-6478AC V2 router (firmware 1.23) allows authenticated remote attackers to execute arbitrary OS commands by manipulating the `interface` argument in POST requests to `/goform/stainfo`. No patch is available - Edimax did not respond to coordinated disclosure - and a public proof-of-concept exploit exists, making this a persistent, unmitigated risk on deployed devices. The vendor-reported CVSS 4.0 score of 2.1 appears to significantly understate actual impact, as unrestricted command injection on embedded router firmware typically enables full system control rather than merely low-severity limited access.

Command Injection Br 6478Ac V2
NVD VulDB
EPSS 1% CVSS 2.1
LOW POC Monitor

Command injection in Edimax BR-6478AC V2 firmware 1.23 allows remote attackers with low-privileged web interface access to execute arbitrary OS commands by injecting shell metacharacters into WAN credential parameters submitted via POST to /goform/setWAN. A public proof-of-concept exploit is documented and available, the vendor did not respond to coordinated disclosure, and no patch exists - leaving only compensating controls as mitigation. No public exploit identified at time of analysis in CISA KEV, but the combination of public PoC, zero vendor response, and SOHO device deployment patterns represents materially elevated real-world risk.

Command Injection Br 6478Ac V2
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH NO ACTION HOSTED Monitor

Command injection in Microsoft 365 Copilot lets a remote, unauthenticated attacker tamper with data and integrity over the network by injecting unneutralized special elements into a command (CWE-77). The flaw carries a CVSS 7.5 driven entirely by high integrity impact, with no confidentiality or availability loss. There is no public exploit identified at time of analysis, EPSS estimates only a 0.39% 30-day exploitation probability, and CISA's SSVC scores exploitation as none - but a vendor patch is available.

Command Injection Microsoft 365 Copilot
NVD VulDB
EPSS 0% CVSS 8.5
HIGH PATCH This Week

Command injection in the @cyclonedx/cyclonedx-npm SBOM generator (versions >= 2.1.0, < 5.0.0) lets an attacker who controls the value passed to the --workspace CLI option execute arbitrary OS commands when the npm_execpath environment variable is unset or empty. In that fallback path the tool spawns a subshell and interpolates the workspace value into a command string without escaping, so shell metacharacters break out of the intended context and run with the invoking user's privileges. No public exploit identified at time of analysis, though the vendor fix PR ships a proof-of-concept-style regression test; the issue is not listed in CISA KEV and no EPSS score was provided.

Privilege Escalation Command Injection Node.js
NVD GitHub VulDB
EPSS 0% CVSS 7.4
HIGH This Week

Authenticated remote code execution in gin-vue-admin 2.9.1 lets attackers with access to the code-generation and MCP management features inject arbitrary Go source via POST /autoCode/addFunc and trigger a rebuild/restart through POST /autoCode/mcpStart, yielding OS command execution as the application service account. No public exploit identified at time of analysis, and as of publication a patched version is not confirmed; the upstream GHSA-22cv-9jv2-6m62 advisory only documents allowlist-based workarounds.

Command Injection RCE Gin Vue Admin
NVD GitHub VulDB
EPSS 0% CVSS 8.2
HIGH POC PATCH This Week

Shell command injection in pontedilana/php-weasyprint prior to 2.5.1 allows code execution as the PHP process when the WeasyPrint binary path is sourced from configuration, environment variables, or per-tenant settings. The library's buildCommand() inverted the order of escapeshellarg() and is_executable(), turning the 'safe' branch into dead code and passing the raw binary string into Symfony Process::fromShellCommandline(). No public exploit identified at time of analysis, but a PoC for the identical KnpLabs/snappy precursor flaw (GHSA-vpr4-p6fq-85jc) is published and directly applicable.

Command Injection PHP
NVD GitHub
EPSS 1% CVSS 8.6
HIGH This Week

Authenticated OS command injection in SIMA GmbH Bondix Server through 1.25.7.5 on Linux allows an attacker with configuration write privileges to execute arbitrary operating-system commands by supplying crafted values in the environment and tunnel configuration that are passed unsanitized to server-side scripts. The flaw was reported by NCSC.ch and carries a CVSS 4.0 base score of 8.6 (High); no public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.

Command Injection Bondix Server
NVD VulDB
CVSS 9.9
CRITICAL PATCH Act Now

Command injection in the Network-AI npm package (network-ai < 5.9.1) lets any agent or caller granted a wildcard allowlist entry such as `git *`, `npm *`, or `node *` execute arbitrary shell commands as the orchestrator process. The flaw stems from `SandboxPolicy.isCommandAllowed` glob-matching the entire command string while `ShellExecutor` runs it through `/bin/sh -c`, so shell metacharacters like `;`, `|`, and `$(...)` smuggle additional commands past the sandbox. A working PoC is published in the GHSA advisory, though there is no public exploit identified at time of analysis in the wild and no CISA KEV listing.

RCE Command Injection Node.js
NVD GitHub
EPSS 1% CVSS 9.4
CRITICAL PATCH Act Now

{token}_{clusterId}.yaml. CVSS 4.0 rates this 9.4 (Critical) with a scope-changing impact on subsequent systems, but no public exploit was identified at time of analysis and it is not listed in CISA KEV. Reported by SUSE through GitHub Security Advisory GHSA-mhc6-2gfq-xx62.

Command Injection Code Injection Rancher +1
NVD GitHub
EPSS 1% CVSS 8.7
HIGH PATCH This Week

SQL injection in pgAdmin 4 versions 1.0 through 9.15 allows an authenticated user with object-modification rights to inject SQL via the description field of Domain, Domain Constraint, Foreign Table, Language, Event Trigger, and View dialogs, where Jinja templates wrapped the value in single quotes instead of passing it through the qtLiteral escape filter. Sixteen template sites plus ten related pgstattuple/pgstatindex identifier sinks share the defect; injected SQL executes as the connected PostgreSQL role, and if that role can use COPY ... TO/FROM PROGRAM it pivots to OS command execution on the database host. No public exploit identified at time of analysis, and the vendor notes the bug does not cross a privilege boundary since the same user already has direct SQL access via the Query Tool.

PostgreSQL Command Injection SQLi +1
NVD GitHub VulDB
EPSS 1% CVSS 8.6
HIGH PATCH This Week

OS command injection in LMS (LAN Management System) before commit 9fcb4de allows authenticated adjacent attackers to execute arbitrary operating system commands by supplying a malicious IP address parameter that is passed unsanitized to exec(). The flaw was reported by CERT-PL and an upstream fix is available; no public exploit identified at time of analysis, and the CVSS 4.0 score of 8.6 reflects high impact on the vulnerable system with limited subsequent-system effect.

Command Injection Lms
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

Unauthenticated remote command execution affects InHand Networks IR912 and IR915 industrial cellular routers running firmware V1.0.0.r20042 and earlier, where the file upload function fails to sanitize input and passes attacker-controlled data to a shell context. Successful exploitation yields code execution as root on the device. No public exploit identified at time of analysis, but the CVSS 9.8 rating and network-reachable file upload endpoint make this a high-priority patching target for any operator with these routers exposed to untrusted networks.

File Upload Command Injection N A
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerability in the Python application export function. This vulnerability allows remote attackers to execute arbitrary commands as root via a crafted input.

Python Command Injection N A
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerability in the Python configuration function. This vulnerability allows remote attackers to execute arbitrary commands as root via a crafted input.

Python Command Injection N A
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 (including earlier versions) were discovered to contain a command injection vulnerability in the log viewing function. This vulnerability allows remote attackers to execute arbitrary commands as root via a crafted input.

Command Injection N A
NVD VulDB
EPSS 1% CVSS 7.1
HIGH This Week

Command injection in e107 CMS versions 2.3.5 and earlier allows authenticated low-privilege users to execute arbitrary shell commands as the web server user via the news submission upload flow. The flaw lives in resize_image() where the ImageMagick convert destination path embeds a 6-character slice of the user-controlled news title without shell escaping, letting tab characters and $(...) / backtick expansions reach /bin/sh -c. No public exploit identified at time of analysis, and exploitation requires a specific non-default configuration combination.

Command Injection E107
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL Act Now

Authenticated command injection in Splunk AI Toolkit versions below 5.7.4 allows a user with the Splunk admin role to execute arbitrary OS commands on the underlying Splunk Enterprise host. The flaw lives in the btool configuration helper, which builds shell command strings from dynamic parameters with shell interpretation enabled. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Command Injection Splunk Splunk Ai Toolkit
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

OpenStack Horizon before 25.7.4 embeds project names unsanitized into generated OpenStack RC shell scripts, enabling OS command injection when a victim user downloads and sources that script locally. An attacker with sufficient privileges to create or control a project name can insert shell metacharacters (e.g., backtick sequences, command substitution syntax) that execute arbitrary commands in the victim's local shell environment upon RC file execution. No public exploit code or CISA KEV listing exists at time of analysis, though the underlying CWE-78 class is well-understood; notably, the OpenStack project itself characterizes this as a security hardening opportunity rather than a traditional vulnerability, reflecting a disputed severity framing.

Command Injection Horizon Red Hat
NVD VulDB
EPSS 1% CVSS 9.6
CRITICAL PATCH Act Now

Remote code execution in OpenHuman desktop agent through 0.54.0 allows attackers to escape the Supervised SecurityPolicy sandbox and run arbitrary OS commands as the desktop user via indirect prompt injection. Two allowlist bypasses in src/openhuman/security/policy.rs - missing coverage of find's -execdir/-okdir flags and pre-validation stripping of inline KEY=value env assignments (e.g. GIT_EXTERNAL_DIFF, GIT_SSH_COMMAND) - let an attacker turn an allowlisted command into arbitrary execution. No public exploit identified at time of analysis, but the vendor has shipped a fix in commit 60050aa (first stable release 0.56.0).

Command Injection RCE Openhuman
NVD GitHub
EPSS 2% CVSS 7.2
HIGH This Week

Authenticated OS command injection in MSI RadiX AX6600 WiFi 6 Tri-Band Gaming Router lets an administrator of the web console execute arbitrary operating system commands as root. The flaw was reported through JPCERT/JVN (JVN20769211) and carries a CVSS 3.0 score of 7.2; no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Command Injection Radix Ax6600 Wifi 6 Tri Band Gaming Router
NVD VulDB
EPSS 1% CVSS 8.5
HIGH PATCH This Week

Authenticated OS command injection in the TP-Link TL-WR940N v6 router's IPv6 PPPoE configuration handler allows administrators to break out of the configuration parser and execute arbitrary shell commands with elevated (typically root) privileges on the device. The flaw was reported by TP-Link itself and a firmware fix is available; no public exploit identified at time of analysis. Risk is bounded by the CVSS 4.0 vector requiring adjacent-network access and high privileges (AV:A/PR:H), but post-exploitation impact on confidentiality, integrity, and availability is rated High.

Command Injection Tl Wr940N V6
NVD
EPSS 1% CVSS 8.5
HIGH PATCH This Week

Authenticated OS command injection in the TP-Link TL-WR940N v6 router's BigPond Cable (BPA) WAN configuration module allows administrators to execute arbitrary system commands with elevated privileges on the device. The flaw stems from improper sanitization of user-supplied input in the WAN setup path and affects firmware versions prior to V6_260528. No public exploit has been identified at time of analysis, and the issue is not listed in CISA KEV.

Command Injection Tl Wr940N V6
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Command injection in Deno's `node:child_process` on Windows allows attackers who control any portion of an argument passed to `spawn`/`spawnSync`/`exec` with `shell: true` to execute arbitrary commands via unescaped `cmd.exe` metacharacters. The flaw affects Deno versions prior to 2.7.10 and is the Windows counterpart to the previously fixed CVE-2026-27190. Publicly available exploit code exists (the advisory itself includes a working PoC launching `calc.exe`), but there is no public exploit identified in the wild and no CISA KEV listing at time of analysis.

Command Injection Microsoft
NVD GitHub VulDB
EPSS 1% CVSS 9.1
CRITICAL Act Now

OS command injection in Radiflow iSAP Smart Collector allows an authenticated attacker on the management network to execute arbitrary commands with administrative (root-equivalent) privileges on the underlying operating system via the device's token-authenticated REST API. The CVSS 9.1 score reflects scope-changed impact across confidentiality, integrity, and availability, which is significant given the device's role as an OT/ICS data collector. No public exploit identified at time of analysis, and the flaw was disclosed through ENISA via the Italian CVCN national coordination center.

Command Injection Isap Smart Collector
NVD VulDB
EPSS 1% CVSS 7.4
HIGH This Week

Remote command injection in ServerCo getssl 2.49 and prior allows an attacker who controls or tampers with ACME challenge responses (a malicious/compromised CA endpoint or on-path adversary) to write attacker-chosen file paths via tokens that violate RFC 8555 base64url constraints, typically yielding code execution as the privileged user that renews certificates. The issue was reported by runZero, fixed upstream in v2.50, and at the time of analysis there is no public exploit identified and the CVE is not listed in CISA KEV.

Path Traversal Command Injection Getssl
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Command injection in openSUSE/SUSE wicked DHCP client before 0.6.79 allows attackers operating a rogue DHCP server on the victim's local network segment to execute arbitrary commands by embedding single-quoted shell metacharacters in DHCP option strings, which are written unsanitized to /run/wicked/leaseinfo.* files and later consumed by netconfig. The CVSS 8.8 (AV:A) rating reflects adjacent-network exposure without authentication. No public exploit identified at time of analysis.

Command Injection Wicked Red Hat
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Dell OpenManage Integration with Microsoft Windows Admin Center contains a Remote Code Execution vulnerability in the gateway plugin. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection Microsoft RCE +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Remote code execution in galaxy_ng's legacy role import API (v1) allows an authenticated user controlling a git repository to execute arbitrary commands on the pulp worker by crafting a branch or tag name containing shell metacharacters. The flaw stems from unsanitized git ref interpolation into a subprocess.run() call with shell=True inside do_git_checkout(), and only affects deployments where GALAXY_ENABLE_LEGACY_ROLES is explicitly enabled (non-default). No public exploit identified at time of analysis.

Command Injection RCE Red Hat Ansible Automation Platform 2
NVD VulDB
EPSS 1% CVSS 8.7
HIGH This Week

Command injection in Turck TBEN-LL-SE-M2, TBEN-L4-SE-M2, and TBEN-L5-SE-M2 Managed Ethernet Switches allows an authenticated low-privileged remote attacker to achieve full system compromise by injecting shell metacharacters into a name parameter. The flaw, reported by CERT@VDE, carries a CVSS 8.8 rating with no public exploit identified at time of analysis and is not currently listed in CISA KEV.

Command Injection Tben Ll Se M2 Tben L4 Se M2 +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

OS command injection in the SSH Elevate Shell feature of Devolutions Remote Desktop Manager up to 2026.2.7 lets an authenticated user who can create or modify a shared SSH entry execute arbitrary commands on remote SSH hosts by smuggling shell metacharacters through a crafted alternate username, abusing stored elevation credentials they would not otherwise possess. No public exploit identified at time of analysis and EPSS is low (0.16%, 5th percentile), but the privilege-escalation angle - turning shared-entry write access into code execution under another user's sudo/elevation context - makes this attractive for insider or post-compromise abuse.

Command Injection Remote Desktop Manager
NVD VulDB
EPSS 1% CVSS 7.8
HIGH This Week

OS command injection in BrowserStack's browserstack-cypress-cli versions prior to 1.36.6 allows attackers who control the cypress_config_filepath value to execute arbitrary shell commands in the context of the user running the CLI. The vulnerable loadJsFile() function in readCypressConfigUtil.js interpolated the path into a shell command executed via child_process.execSync(), letting embedded quote and semicolon characters break out of the quoted argument. No public exploit identified at time of analysis, though the upstream commit and added negative tests effectively document the exact payload pattern.

Command Injection Browserstack Cypress Cli
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

OS command injection in Fortra BoKS Manager (Core Privileged Access Manager) lets a malicious or already-compromised legacy tar-installed client execute arbitrary commands on the central BoKS Master when that client is selected for upgrade or patching. The flaw sits in the client version-handling logic of the legacy tar-based upgrade/patch tooling, turning a single rogue managed endpoint into a foothold on the security control plane. It is not in CISA KEV and no public exploit is identified at time of analysis; EPSS is low at 0.57% (43rd percentile), and CISA SSVC records exploitation as 'none' though technical impact as 'total'.

Command Injection Core Privileged Access Manager Boks
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

Remote unauthenticated command injection in Fortra's Core Privileged Access Manager (BoKS) allows network-adjacent attackers to execute arbitrary OS commands with the privileges of the boks_autoregisterd service. The flaw resides in autoregistration processing and carries a critical CVSS 9.8 (AV:N/AC:L/PR:N/UI:N) rating, though no public exploit identified at time of analysis. Because BoKS is a privileged access management product, successful exploitation can directly undermine the security control plane intended to protect enterprise privileged accounts.

Command Injection Core Privileged Access Manager Boks
NVD
EPSS 2% CVSS 2.0
LOW POC Monitor

Command injection in the Yealink SIP-T46U IP phone firmware 108.86.0.118 enables authenticated, adjacent-network attackers to execute arbitrary operating system commands by manipulating the `ip` or `port` arguments submitted to the `/api/inner/tftpuploadiperf` Web FastCGI endpoint. Publicly available exploit code exists, and Yealink did not respond to responsible disclosure, meaning no vendor-released patch has been identified at time of analysis. No KEV listing confirms active exploitation, but the combination of a public proof-of-concept, an absent vendor response, and a default-enabled attack surface on widely deployed enterprise VoIP phones elevates practical risk beyond the moderate CVSS 4.0 score of 5.1.

Command Injection Sip T46U
NVD VulDB
EPSS 2% CVSS 2.1
LOW POC Monitor

Command injection in Yealink SIP-T46U firmware 108.86.0.118 enables remote authenticated attackers to execute arbitrary OS commands via the unsanitized `Time` argument passed to the `mod_diagnose.CommandShellByType` function at the `/api/diagnosis/start` diagnostic endpoint. The exploit leverages the Web FastCGI Service's failure to neutralize shell metacharacters before invoking underlying system commands, consistent with CWE-77. A public proof-of-concept exploit archive is confirmed available, no CISA KEV listing exists at time of analysis, and the vendor did not respond to disclosure - leaving the vulnerability unpatched.

Command Injection Sip T46U
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL Act Now

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_radio_on_with_ia_apn via the ia parameter.

Command Injection Tenda N A
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in OpenCPN v5.12.0 allows local authenticated users to run shell commands by embedding shell metacharacters in input passed to the wxExecute() function. CVSS 3.1 rates it 7.8 (High) with local attack vector and low privileges required, and SSVC assesses technical impact as total but with no observed exploitation. No public exploit identified at time of analysis beyond a researcher write-up referenced in the advisory.

Command Injection RCE N A
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL Act Now

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_dial_call via the dialNumber parameter.

Command Injection Tenda N A
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_set_volume via the volume parameter.

Command Injection Tenda N A
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_unlock_sim via the pin parameter.

Command Injection Tenda N A
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_set_rat_mode via the ratMode parameter.

Command Injection Tenda N A
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

Remote code execution in kanishka-linux Reminiscence v0.3.0 allows unauthenticated attackers to execute arbitrary OS commands by supplying crafted input to the media archiving and export pipeline component. The CVSS 9.8 rating reflects network-reachable, unauthenticated exploitation with full impact to confidentiality, integrity, and availability, though no public exploit identified at time of analysis and EPSS sits at 0.67% (47th percentile) indicating limited observed exploitation pressure so far.

Command Injection Code Injection RCE +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_ims_on_with_apn via the ims_apn parameter.

Command Injection Tenda N A
NVD GitHub
EPSS 1% CVSS 8.1
HIGH This Week

Authenticated command injection in kanishka-linux Reminiscence v0.3.0 lets remote attackers execute arbitrary OS commands by submitting crafted input to the /manage/features/media endpoint. The flaw maps to CWE-78 with CVSS 8.1 (PR:L), and publicly available exploit code exists in a referenced gist; EPSS is modest at 0.66% (47th percentile) and the issue is not on CISA KEV.

Command Injection N A
NVD GitHub
EPSS 2% CVSS 7.3
HIGH POC This Week

Command injection in the Ruijie EG105G-P 2.340 gateway router allows authenticated remote attackers to execute arbitrary OS commands by manipulating the params.target argument of the nslookup function in the /cgi-bin/luci/api/diagnose JSON-RPC endpoint. Publicly available exploit code exists, the vendor did not respond to coordinated disclosure, and successful exploitation yields full confidentiality, integrity, and availability impact on the device.

Command Injection Eg105G P
NVD VulDB GitHub
EPSS 2% CVSS 7.4
HIGH POC PATCH This Week

Command injection in the GL.iNet GL-MT3000 travel router's Online Firmware Upgrade Handler (/usr/bin/one_click_upgrade) allows authenticated remote attackers to execute arbitrary OS commands on devices running firmware up to 4.4.5. Publicly available exploit code exists on GitHub, and the issue is fixed in firmware 4.7 (with 4.8.1 currently published by the vendor). No CISA KEV listing has been confirmed, but the combination of a published PoC and an internet-exposable management interface raises the practical risk above the headline CVSS score.

Command Injection Gl Mt3000
NVD VulDB GitHub
EPSS 2% CVSS 7.4
HIGH POC PATCH This Week

Authenticated command injection in the GL.iNet GL-MT3000 travel router (firmware up to 4.4.5) lets remote attackers with low-privileged access execute arbitrary OS commands via the replace_country function in the Tor Proxy Service configuration handler. Publicly available exploit code exists for the flaw, and the vendor has shipped a fix; no public exploit identified at time of analysis as actively exploited in the wild.

Command Injection Gl Mt3000
NVD VulDB GitHub
EPSS 0% CVSS 8.6
HIGH PATCH This Week

OS command injection and arbitrary file truncation in the Perl module Config::IniFiles before 3.001000 occurs because _make_filehandle uses Perl's 2-argument open() on the -file argument, letting filenames prefixed/suffixed with shell metacharacters ('| cmd', 'cmd |', '> path', '>> path') execute commands or overwrite files under the process UID. Any application passing untrusted input to new(-file => ...) or ReadConfig is exposed. EPSS is low (~0.26%) and SSVC reports no observed exploitation, but an upstream patch and a public regression test demonstrate the issue clearly.

Command Injection Config
NVD GitHub VulDB
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Authenticated command injection in File Browser (github.com/filebrowser/filebrowser/v2 before 2.33.8) lets any user holding Execute permission bypass the command allowlist when a shell interpreter such as /bin/sh -c is configured. Because the allowlist validates only the first token while the full raw string is passed to the shell, an attacker chains arbitrary OS commands after a permitted one using metacharacters (;, |, backticks, $()), executing them at the server process privilege - root in the default Docker image. A detailed working PoC is published in the GHSA advisory; EPSS is very low (0.02%, 7th percentile) and the vulnerable Command Execution feature is disabled by default from 2.33.8 onward, including for upgraded existing installations.

Command Injection Docker
NVD GitHub
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Command injection in OpenClaw before 2026.5.18 allows authenticated attackers to modify shell wrapper argv between approval and execution, bypassing the allowlist enforcement. The TOCTOU-style race against the approval gate lets attackers execute unapproved command shapes with the application's privileges, with no public exploit identified at time of analysis but a vendor advisory published via GHSA.

Command Injection Openclaw
NVD GitHub VulDB
EPSS 0% CVSS 7.4
HIGH PATCH This Week

Command injection in Kitty cross-platform GPU terminal emulator versions prior to 0.47.0 allows remote attackers to execute arbitrary shell commands on a victim's host by sending a crafted escape sequence over an attacker-controlled network connection. The terminal echoes its own error message - including attacker-controlled bytes - back to the shell with CRLF, causing the shell to execute the injected command. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Command Injection Kitty Suse
NVD GitHub VulDB
EPSS 0% CVSS 8.6
HIGH PATCH This Week

OS command injection in IEI Integration Corp's iVEC-IEI Virtualization Edge Computer (iVEC TANK-XM811) allows privileged remote attackers to inject and execute arbitrary operating system commands on the affected device. The flaw was disclosed via Taiwan's TWCERT and carries a CVSS 4.0 base score of 8.6, with no public exploit identified at time of analysis. Because exploitation requires high privileges, the issue represents a post-authentication path to full device compromise rather than an unauthenticated remote takeover.

Command Injection Ivec Tank Xm811
NVD VulDB
EPSS 0% CVSS 9.9
CRITICAL PATCH Act Now

Authenticated command injection in Ubiquiti UniFi OS allows low-privileged network-adjacent attackers to execute arbitrary OS commands on UniFi gateways, controllers, NVRs, and NAS devices, with a CVSS 9.9 score reflecting scope change and full CIA impact. The vulnerability affects a broad device family including UDM, UDM Pro/SE/Max/Beast, UDR, UDW, UCG, UNVR, and UNAS lines per Ubiquiti Security Advisory Bulletin 065. No public exploit identified at time of analysis and the issue is not currently listed in CISA KEV.

Command Injection Ubiquiti Unifi Os Server +31
NVD VulDB
EPSS 0% CVSS 9.9
CRITICAL PATCH Act Now

Command injection in Ubiquiti UID Enterprise Agent allows a low-privileged attacker with network access to execute arbitrary commands on the host device by abusing improper input validation. The CVSS 9.9 score reflects a scope change with high confidentiality, integrity, and availability impact, and no public exploit identified at time of analysis. Defenders should treat this as a high-priority patch item given the low attack complexity and minimal privilege requirement.

Command Injection Uid Enterprise Agent
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL Act Now

Remote command injection in ClipBucket v5 prior to version 5.5.3 - #140 allows authenticated users to execute arbitrary OS commands by submitting a crafted URL through the Remote Play video import feature. The URL is concatenated unescaped into shell commands, so any metacharacter is interpreted by the shell, yielding code execution as the web server user. No public exploit identified at time of analysis, but the vendor-confirmed advisory and trivial exploitation pattern make this a high-priority issue for any internet-exposed deployment.

Command Injection Clipbucket V5
NVD GitHub
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Authenticated command injection in CyberArk Privileged Session Manager for SSH (PSMP) versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6 allows low-privileged users to execute arbitrary OS commands on the PSMP host. Because PSMP brokers privileged SSH sessions to downstream targets, code execution on this host can pivot an attacker from a constrained PAM user into the operator of the privileged-access tier. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV, but the CVSS 4.0 base score of 8.7 reflects high confidentiality and integrity impact on the vulnerable system.

Command Injection Pam Self Hosted Privilege Cloud
NVD VulDB
EPSS 0% CVSS 8.5
HIGH PATCH This Week

Command injection in KanaDojo's GitHub Actions release workflow (release.yml) allows attackers who can land a pull request to execute arbitrary commands on the repository's CI runner. The version and changes fields of patchNotesData.json are interpolated unsanitized into a child_process.execSync() call, granting any merged malicious PR access to GITHUB_TOKEN and contents:write permissions. No public exploit identified at time of analysis, but the supply-chain blast radius is significant for downstream KanaDojo consumers.

Command Injection Kana Dojo
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

OS command injection in MariaDB Server (CWE-78) lets an attacker achieve remote code execution on Galera cluster nodes by embedding shell metacharacters in a joiner node's name, which the server passes unsanitized to the script defined in wsrep_notify_cmd. Affected branches are 10.6.1–10.6.26, 10.11.1–10.11.17, 11.4.1–11.4.11, 11.8.1–11.8.7, and 12.3.1, but only when wsrep_notify_cmd is configured. It carries a vendor CVSS of 9.8; however EPSS is very low (0.05%, 15th percentile) and SSVC marks exploitation as 'none', so there is no public exploit identified at time of analysis and it is not on CISA KEV.

Command Injection Server
NVD GitHub VulDB
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Command injection in Palo Alto Networks PAN-OS enables an authenticated administrator to escape system-enforced restrictions and execute arbitrary OS commands as root via the CLI or Web UI. Affected deployments include PA-Series and VM-Series firewalls and Panorama (virtual and M-Series); Cloud NGFW and Prisma Access are explicitly excluded per the vendor advisory. No public exploit has been identified at time of analysis, and the CVSS 4.0 score of 6.1 accurately reflects the significant mitigating factor of requiring high-privilege administrative access before exploitation is possible.

Command Injection Paloalto Cloud Ngfw +2
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

Root command injection in dracut's legacy DHCP path allows adjacent-network attackers to execute arbitrary commands inside the initramfs by sending crafted DHCP options (e.g., malicious hostname) that are written unescaped into temporary shell scripts. The flaw affects Red Hat Enterprise Linux 6 through 10, Red Hat Hardened Images, and OpenShift Container Platform 4, granting full system compromise during early boot. No public exploit identified at time of analysis, and EPSS is low (0.16%, 36th percentile), but SSVC rates technical impact as total.

Command Injection RCE Red Hat Enterprise Linux 10 +6
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Malicious MCP server configuration injection via pull requests enables remote code execution on GitHub Actions runners running anthropics/claude-code-action versions prior to 1.0.74. The action's combination of checking out attacker-controlled PR head branches, reading `.mcp.json` from the working directory by default, and unconditionally enabling all discovered project MCP servers creates a poisoned pipeline execution path - an attacker who can open a PR can plant a malicious `.mcp.json` that executes arbitrary commands once a privileged user or automated trigger invokes the Claude action against that PR. Successful exploitation results in full secret exfiltration from the workflow environment, including API keys and tokens accessible to the runner. No public exploit identified at time of analysis; the fix was disclosed via GitHub Security Advisory GHSA-8q5r-mmjf-575q and patched in version 1.0.74.

Command Injection RCE
NVD GitHub
EPSS 0% CVSS 7.0
HIGH POC PATCH This Week

OS command injection in the NodejsFunction local bundling pipeline of aws-cdk-lib prior to 2.245.0 (2.246.0 on Windows) allows an actor controlling bundling property values (externalModules, define, loader, inject, or esbuildArgs) to execute arbitrary commands on the host running the CDK toolchain via shell metacharacter injection. The flaw, reported by Amazon and tracked under GHSA-999r-qq7v-r334, affects developer and CI/CD machines synthesizing CDK applications. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Command Injection Microsoft Aws Cloud Development Kit Library
NVD GitHub
EPSS 0% CVSS 8.5
HIGH PATCH This Week

OS command injection in the VPN module of TP-Link Archer AX12 v1, AX17 v1, AX18 v1, and AX1300 v1.6 routers allows an authenticated attacker on an adjacent network to execute arbitrary commands by uploading a malicious VPN client configuration file. The flaw stems from improper sanitization of special characters during configuration import (CWE-78) and carries a CVSS 4.0 base score of 8.5. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV, but TP-Link has released firmware fixes for all affected models.

Command Injection TP-Link
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Authenticated command injection in Roxy-WI versions 8.2.6.4 and prior allows low-privileged users (role <= 3, 'user') to execute arbitrary OS commands by abusing the configver URL-path parameter on POST /config/versions/<service>/<server_ip>/<configver>/save, which flows unsanitized into an os.system() call wrapping dos2unix. No public exploit identified at time of analysis, but the GHSA advisory is published and no vendor patch exists, leaving exposed instances at immediate risk of full compromise of the management interface host.

Command Injection Nginx Apache
NVD GitHub
Prev Page 3 of 87 Next

Quick Facts

Typical Severity
CRITICAL
Category
web
Total CVEs
7742

Related CWEs

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy