CWE-88— Argument Injection or Modification
The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.— MITRE CWE catalog
372 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-88page 8 of 8
- CVE-2026-4519LOWCVSS 3.3EG 3.32026-03-20
The webbrowser.open() API would accept leading dashes in the URL which could be handled as command line options for certain web browsers. New behavior rejects leading dashes. Users are recommended to sanitize URLs prior to passing to we…
- CVE-2026-46483LOWCVSS 3.6EG 3.62026-05-15
Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-like systems. The function builds :!gunzip …
- CVE-2026-46529HIGHCVSS 7.8EG 7.82026-06-10
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code executio…
- CVE-2026-47114HIGHCVSS 8.8EG 8.82026-05-21
IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv_-prefixed query parameters through the iina://open custom URL scheme handler. …
- CVE-2026-47250MEDIUMCVSS 6.1EG 6.12026-06-05
mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.7.0, the kubectl_generic tool in mcp-server-kubernetes passes user-supplied flags directly to kubectl without any allowlist, ena…
- CVE-2026-47365CRITICALCVSS 9.9EG 9.92026-06-12
Argument injection vulnerability in WordPress Toolkit before 6.11.0 as used in cPanel & WHM, allows remote authenticated users to bypass cross-tenant authorization and execute arbitrary wp-toolkit CLI commands as another account.
- CVE-2026-4786HIGHCVSS 7.1EG 7.02026-04-13
Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open()" API could have commands injected into the underlying shell. See CVE-2026-4519 fo…
- CVE-2026-48116HIGHCVSS 7.5EG 7.52026-05-28
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, the filesystem-search-files agent skill passes its LLM-controlled pattern parameter to ripgrep as …
- CVE-2026-48793HIGHCVSS 8.8EG 8.82026-06-24
Jellyfin is an open source self hosted media server. Prior to 10.11.10, a potential FFmpeg argument injection vulnerability exists in the subtitle conversion code path. SubtitleEncoder.ConvertTextSubtitleToSrtInternal (SubtitleEncoder.cs, …
- CVE-2026-49373HIGHCVSS 8.8EG 7.12026-05-29
In JetBrains TeamCity before 2026.1 remote code execution was possible via Perforce connection settings
- CVE-2026-50014HIGHCVSS 7.3EG 7.32026-06-25
pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm passes the lockfile-controlled git resolution.commit value to git fetch without a -- separator or commit-format validation. For git dependencies fetched through the shallow-fetch…
- CVE-2026-52750HIGHCVSS 7.8EG 7.82026-06-10
Ghidra before 12.1 contains a command injection vulnerability in URL annotation handling on Windows where cmd.exe metacharacters are not properly escaped. Attackers can execute arbitrary commands under the Ghidra user's privileges by embed…
- CVE-2026-53694HIGHCVSS 7.3EG 7.32026-06-10
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Nomachine allows Argument Injection.This issue affects Nomachine: before 9.5.7, before 8.23.2.
- CVE-2026-54088CRITICALCVSS 9.3EG 9.32026-06-25
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, the Hook Authentication feature in File Browser allows administrators to delegate log…
- CVE-2026-54686MEDIUMCVSS 4.3EG 4.32026-06-24
Warp is an agentic development environment. From 0.2021.04.25.23.05.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepted certain state-mutating terminal lifecycle hooks from the PTY stream without verifying that the hooks were emitt…
- CVE-2026-57572CRITICALCVSS 10.0EG 10.02026-07-06
Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, the Docker API server accepted request-supplied browser_config.extra_args, which flowed into Chromium's launch arguments. An attacker could inject Chromium sw…
- CVE-2026-61459CRITICALCVSS 9.8EG 9.82026-07-10
MCP Server Kubernetes before 3.9.0 contains an argument injection vulnerability in structured tools (kubectl_get, kubectl_describe, kubectl_delete) that allows attackers to bypass the assertNoDangerousFlags security check by supplying reso…
- CVE-2026-6437MEDIUMCVSS 6.5EG 6.52026-04-17
Improper neutralization of argument delimiters in the volume handling component in AWS EFS CSI Driver (aws-efs-csi-driver) before v3.0.1 allows remote authenticated users with PersistentVolume creation permissions to inject arbitrary mount…
- CVE-2026-6951CRITICALCVSS 9.8EG 9.82026-04-25
Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221) that blocks the -c option but not the equ…
- CVE-2026-7725MEDIUMCVSS 6.3EG 6.32026-05-04
A vulnerability was found in PrefectHQ prefect up to 3.6.25.dev6. Affected by this issue is some unknown functionality of the file src/prefect/runner/storage.py of the component GitRepository Pull Handler. The manipulation of the argument …
- CVE-2026-7865HIGHCVSS 7.4EG 7.42026-05-05
A hidden console command is vulnerable to command injection flaw when control characters are passed to its second argument. A third party researcher Eugene Lim had discovered vulnerability in the way console command passes to a popen fu…
- CVE-2026-8773MEDIUMCVSS 4.7EG 4.72026-05-18
A security vulnerability has been detected in linlinjava litemall up to 1.8.0. Affected by this vulnerability is the function backup/load of the file litemall-db/src/main/java/org/linlinjava/litemall/db/util/DbUtil.java of the component Da…
Map vulnerabilities like CWE-88 to your infrastructure
EchelonGraph correlates every CVE — across CWE-88 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →