CWE-94— Improper Control of Generation of Code (Code Injection)
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.— MITRE CWE catalog
6,491 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-94page 106 of 130
- CVE-2025-53626MEDIUMCVSS 6.1EG 6.12025-07-10
pdfme is a TypeScript-based PDF generator and React-based UI. The expression evaluation feature in pdfme 5.2.0 to 5.4.0 contains critical vulnerabilities allowing sandbox escape leading to XSS and prototype pollution attacks. This vulnerab…
- CVE-2025-5377MEDIUMCVSS 6.1EG 4.32025-05-31
A vulnerability was found in Astun Technology iShare Maps 5.4.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file historic1.asp. The manipulation of the argument Zoom leads to cross site sc…
- CVE-2025-5378MEDIUMCVSS 6.1EG 4.32025-05-31
A vulnerability classified as problematic has been found in Astun Technology iShare Maps 5.4.0. This affects an unknown part of the file mycouncil2.aspx. The manipulation of the argument atTxtStreet leads to cross site scripting. It is pos…
- CVE-2025-5383MEDIUMCVSS 4.8EG 2.42025-05-31
A vulnerability was found in Yifang CMS up to 2.0.2 and classified as problematic. Affected by this issue is some unknown functionality of the component Article Management Module. The manipulation of the argument Default Value leads to cro…
- CVE-2025-53836CRITICALCVSS 9.9EG 9.92025-07-15
XWiki Rendering is a generic rendering system that converts textual input in a given syntax (wiki syntax, HTML, etc) into another syntax (XHTML, etc). Starting in version 4.2-milestone-1 and prior to versions 13.10.11, 14.4.7, and 14.10, t…
- CVE-2025-53867CRITICALCVSS 9.8EG 9.82025-07-17
Island Lake WebBatch before 2025C allows Remote Code Execution via a crafted URL.
- CVE-2025-53890CRITICALCVSS 9.8EG 9.82025-07-15
pyload is an open-source Download Manager written in pure Python. An unsafe JavaScript evaluation vulnerability in pyLoad’s CAPTCHA processing code allows unauthenticated remote attackers to execute arbitrary code in the client browser a…
- CVE-2025-5392CRITICALCVSS 9.8EG 9.82025-07-11
The GB Forms DB plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.2 via the gbfdb_talk_to_front() function. This is due to the function accepting user input and then passing that through …
- CVE-2025-53927MEDIUMCVSS 4.6EG 4.62025-07-17
MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use t…
- CVE-2025-53928MEDIUMCVSS 4.6EG 4.62025-07-17
MaxKB is an open-source AI assistant for enterprise. Prior to versions 1.10.9-lts and 2.0.0, a Remote Command Execution vulnerability exists in the MCP call. Versions 1.10.9-lts and 2.0.0 fix the issue.
- CVE-2025-5396CRITICALCVSS 9.8EG 9.82025-07-17
The Bears Backup plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.0.0. This is due to the bbackup_ajax_handle() function not having a capability check, nor validating user supplied input p…
- CVE-2025-54019MEDIUMCVSS 6.5EG 6.52025-08-20
Improper Control of Generation of Code ('Code Injection') vulnerability in Beplusthemes Alone alone allows Code Injection.This issue affects Alone: from n/a through < 7.8.5.
- CVE-2025-5405MEDIUMCVSS 5.4EG 3.52025-06-01
A vulnerability, which was classified as problematic, has been found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. This issue affects some unknown processing of the file /post.php. The manipulation of the argume…
- CVE-2025-54063HIGHCVSS 8.0EG 8.02025-08-11
Cherry Studio is a desktop client that supports for multiple LLM providers. From versions 1.4.8 to 1.5.0, there is a one-click remote code execution vulnerability through the custom URL handling. An attacker can exploit this by hosting a m…
- CVE-2025-54068CRITICALCVSS 9.8EG 9.8⚠ KEV2025-07-17
Livewire is a full-stack framework for Laravel. In Livewire v3 up to and including v3.6.3, a vulnerability allows unauthenticated attackers to achieve remote command execution in specific scenarios. The issue stems from how certain compone…
- CVE-2025-5407MEDIUMCVSS 5.4EG 2.42025-06-01
A vulnerability has been found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /register_script.php. The manipul…
- CVE-2025-5411MEDIUMCVSS 5.4EG 3.52025-06-01
A vulnerability was found in Mist Community Edition up to 4.7.1. It has been rated as problematic. This issue affects the function tag_resources of the file src/mist/api/tag/views.py. The manipulation of the argument tag leads to cross sit…
- CVE-2025-5412MEDIUMCVSS 5.4EG 3.52025-06-02
A vulnerability classified as problematic has been found in Mist Community Edition up to 4.7.1. Affected is the function Login of the file src/mist/api/views.py of the component Authentication Endpoint. The manipulation of the argument ret…
- CVE-2025-5420MEDIUMCVSS 5.4EG 3.52025-06-02
A vulnerability classified as problematic was found in juzaweb CMS up to 3.4.2. Affected by this vulnerability is an unknown functionality of the file /admin-cp/file-manager/upload of the component Profile Page. The manipulation of the arg…
- CVE-2025-54322CRITICALCVSS 10.0EG 10.02025-12-27
Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin.py. The title and oIP parameters are also used.
- CVE-2025-54374HIGHCVSS 8.8EG 8.82025-10-03
Eidos is an extensible framework for Personal Data Management. Versions 0.21.0 and below contain a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted eidos: URL on any…
- CVE-2025-54417HIGHCVSS 8.8EG 8.82025-08-09
Craft is a platform for creating digital experiences. Versions 4.13.8 through 4.16.2 and 5.5.8 through 5.8.3 contain a vulnerability that can bypass CVE-2025-23209: "Craft CMS has a potential RCE with a compromised security key". To exploi…
- CVE-2025-54451CRITICALCVSS 9.8EG 9.82025-07-23
Improper Control of Generation of Code ('Code Injection') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
- CVE-2025-54466CRITICALCVSS 9.8EG 6.32025-08-15
Improper Control of Generation of Code ('Code Injection') vulnerability leading to a possible RCE in Apache OFBiz scrum plugin. This issue affects Apache OFBiz: before 24.09.02 only when the scrum plugin is used. Even unauthenticated a…
- CVE-2025-54550HIGHCVSS 8.1EG 8.12026-04-15
The example example_xcom that was included in airflow documentation implemented unsafe pattern of reading value from xcom in the way that could be exploited to allow UI user who had access to modify XComs to perform arbitrary execution of…
- CVE-2025-54593HIGHCVSS 7.2EG 7.22025-08-01
FreshRSS is a free, self-hostable RSS aggregator. In versions 1.26.1 and below, an authenticated administrator user can execute arbitrary code on the FreshRSS server by modifying the update URL to one they control, and gain code execution …
- CVE-2025-54594CRITICALCVSS 9.1EG 9.12025-08-06
react-native-bottom-tabs is a library of Native Bottom Tabs for React Native. In versions 0.9.2 and below, the github/workflows/release-canary.yml GitHub Actions repository workflow improperly used the pull_request_target event trigger, wh…
- CVE-2025-54731HIGHCVSS 8.1EG 8.12025-08-28
Improper Control of Generation of Code ('Code Injection') vulnerability in emarket-design YouTube Showcase youtube-showcase allows Object Injection.This issue affects YouTube Showcase: from n/a through <= 3.5.1.
- CVE-2025-54815HIGHCVSS 8.8EG 8.82025-09-19
Server-side template injection (SSTI) vulnerability in PPress 0.0.9 allows attackers to execute arbitrary code via crafted themes.
- CVE-2025-54940LOWCVSS 3.4EG 3.42025-08-08
An HTML injection vulnerability exists in WordPress plugin "Advanced Custom Fields" prior to 6.4.3. If this vulnerability is exploited, crafted HTML code may be rendered and page display may be tampered.
- CVE-2025-54997CRITICALCVSS 9.1EG 9.12025-08-09
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, some OpenBao deployments intentionally limit privileged API operators fro…
- CVE-2025-5505LOWCVSS 2.4EG 2.42025-06-03
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011 and classified as problematic. This issue affects some unknown processing of the file /boafrm/formPortFw of the component Virtual Server Page. The manipulation of the argum…
- CVE-2025-5506MEDIUMCVSS 5.4EG 2.42025-06-03
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been classified as problematic. Affected is an unknown function of the component NAT Mapping Page. The manipulation of the argument Comment leads to cross site scri…
- CVE-2025-5507MEDIUMCVSS 5.4EG 2.42025-06-03
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component MAC Filtering Page. The manipulation of the argument Comme…
- CVE-2025-5508LOWCVSS 3.4EG 2.42025-06-03
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been rated as problematic. Affected by this issue is some unknown functionality of the component IP Port Filtering Page. The manipulation of the argument Comment le…
- CVE-2025-5513MEDIUMCVSS 5.4EG 3.52025-06-03
A vulnerability has been found in quequnlong shiyi-blog up to 1.2.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /dev-api/api/comment/add. The manipulation of the argument content le…
- CVE-2025-5516MEDIUMCVSS 4.8EG 2.42025-06-03
A vulnerability, which was classified as problematic, was found in TOTOLINK X2000R 1.0.0-B20230726.1108. This affects an unknown part of the file /boafrm/formFilter of the component URL Filtering Page. The manipulation of the argument URL …
- CVE-2025-55192HIGHCVSS 8.6EG 8.62025-08-14
HomeAssistant-Tapo-Control offers Control for Tapo cameras as a Home Assistant component. Prior to commit 2a3b80f, there is a code injection vulnerability in the GitHub Actions workflow .github/workflows/issues.yml. It does not affect user…
- CVE-2025-55204HIGHCVSS 8.8EG 8.82026-01-05
muffon is a cross-platform music streaming client for desktop. Versions prior to 2.3.0 have a one-click Remote Code Execution (RCE) vulnerability in. An attacker can exploit this issue by embedding a specially crafted `muffon://` link on a…
- CVE-2025-5523MEDIUMCVSS 6.1EG 3.52025-06-03
A vulnerability classified as problematic has been found in enilu web-flash 1.0. This affects the function fileService.upload of the file src/main/java/cn/enilu/flash/api/controller/FileController/upload of the component File Upload. The m…
- CVE-2025-55305MEDIUMCVSS 6.1EG 6.12025-09-04
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions below 35.7.5, 36.0.0-alpha.1 through 36.8.0, 37.0.0-alpha.1 through 37.3.1 and 38.0.0-alpha.1 through 38.0.0-beta.6, ASAR I…
- CVE-2025-55313HIGHCVSS 7.8EG 7.82025-12-11
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. They allow potential arbitrary code execution when processing crafted PDF files. The vulnerability stems from insufficient handling o…
- CVE-2025-55346CRITICALCVSS 9.8EG 9.82025-08-14
User-controlled input flows to an unsafe implementation of a dynamic Function constructor, allowing network attackers to run arbitrary unsandboxed JS code in the context of the host, by sending a simple POST request.
- CVE-2025-5542MEDIUMCVSS 4.8EG 2.42025-06-03
A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been classified as problematic. Affected is an unknown function of the file /boafrm/formPortFw of the component Virtual Server Page. The manipulation of the argument…
- CVE-2025-55423CRITICALCVSS 9.8EG 9.82026-01-20
A command injection vulnerability exists in the upnp_relay() function in multiple ipTIME router models because the controlURL value used to pass port-forwarding information to an upper router is passed to system() without proper validation…
- CVE-2025-5543MEDIUMCVSS 4.8EG 2.42025-06-03
A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Parent Controls Page. The manipulation of the argument Devi…
- CVE-2025-55727CRITICALCVSS 10.0EG 10.02025-09-09
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Starting in version 1.0 and prior to version 1.26.5, missing escaping of the width parameter in the column macro allows remote code…
- CVE-2025-55728CRITICALCVSS 10.0EG 10.02025-09-09
XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Starting in version 1.0 and prior to version 1.26.5, missing escaping of the classes parameter in the panel macro allows remote cod…
- CVE-2025-55733CRITICALCVSS 9.6EG 9.62025-08-19
DeepChat is a smart assistant that connects powerful AI to your personal world. DeepChat before 0.3.1 has a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted deepcha…
- CVE-2025-5584MEDIUMCVSS 5.4EG 2.42025-06-04
A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been classified as problematic. Affected is an unknown function of the file /doctor/edit-patient.php?editid=2 of the component POST Parameter Handler. The manip…
Map vulnerabilities like CWE-94 to your infrastructure
EchelonGraph correlates every CVE — across CWE-94 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →