CWE-94— Improper Control of Generation of Code (Code Injection)
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.— MITRE CWE catalog
6,491 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-94page 109 of 130
- CVE-2025-6347MEDIUMCVSS 5.4EG 2.42025-06-20
A vulnerability was found in code-projects Responsive Blog 1.0/1.12.4/3.3.4. It has been declared as problematic. This vulnerability affects unknown code of the file /responsive/resblog/blogadmin/admin/pageViewMembers.php. The manipulation…
- CVE-2025-6353MEDIUMCVSS 5.4EG 3.52025-06-20
A vulnerability classified as problematic was found in code-projects Responsive Blog 1.0. Affected by this vulnerability is an unknown functionality of the file /search.php. The manipulation of the argument keyword leads to cross site scri…
- CVE-2025-63665CRITICALCVSS 9.8EG 9.82025-12-19
An issue in GT Edge AI Community Edition Versions before v2.0.12 allows attackers to execute arbitrary code via injecting a crafted JSON payload into the Prompt window.
- CVE-2025-63693MEDIUMCVSS 5.4EG 5.42025-11-18
The comment editing template (dzz/comment/template/edit_form.htm) in DzzOffice 2.3.x lacks adequate security escaping for user-controllable data in multiple contexts, including HTML and JavaScript strings. This allows low-privilege attacke…
- CVE-2025-63706CRITICALCVSS 9.8EG 9.82026-05-07
NPM package next-npm-version1.0.1 is vulnerable to Command injection.
- CVE-2025-6389CRITICALCVSS 9.8EG 9.82025-11-25
The Sneeit Framework plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 8.3 via the sneeit_articles_pagination_callback() function. This is due to the function accepting user input and then pa…
- CVE-2025-64050HIGHCVSS 7.2EG 7.22025-11-25
A Remote Code Execution (RCE) vulnerability in the template management component in REDAXO CMS 5.20.0 allows remote authenticated administrators to execute arbitrary operating system commands by injecting PHP code into an active template. …
- CVE-2025-64108HIGHCVSS 8.8EG 8.82025-11-04
Cursor is a code editor built for programming with AI. In versions 1.7.44 and below, various NTFS path quirks allow a prompt injection attacker to circumvent sensitive file protections and overwrite files which Cursor requires human approv…
- CVE-2025-64318MEDIUMCVSS 5.3EG 6.52025-11-04
Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Manipulating Writeable Configuration Files.This issue affects Mulesoft Anypoint Code Builder: before 1.12.1.
- CVE-2025-64320MEDIUMCVSS 6.5EG 6.52025-11-04
Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Code Injection.This issue affects Agentforce Vibes Extension: before 3.2.0.
- CVE-2025-64321MEDIUMCVSS 5.3EG 5.32025-11-04
Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0.
- CVE-2025-6452MEDIUMCVSS 4.8EG 2.42025-06-22
A vulnerability was found in CodeAstro Patient Record Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the component Generate New Report Page. The manipulation of the argument Patient N…
- CVE-2025-64676HIGHCVSS 7.2EG 7.22025-12-18
'.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network.
- CVE-2025-64691HIGHCVSS 8.8EG 8.82026-01-16
The vulnerability, if exploited, could allow an authenticated miscreant (OS standard user) to tamper with TCL Macro scripts and escalate privileges to OS system, potentially resulting in complete compromise of the model application serv…
- CVE-2025-6473MEDIUMCVSS 6.1EG 4.32025-06-22
A vulnerability, which was classified as problematic, was found in code-projects School Fees Payment System 1.0. This affects an unknown part of the file /fees.php. The manipulation of the argument transcation_remark leads to cross site sc…
- CVE-2025-6475MEDIUMCVSS 4.8EG 2.42025-06-22
A vulnerability was found in SourceCodester Student Result Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /script/admin/manage_students of the component Manage Students Module. T…
- CVE-2025-6477MEDIUMCVSS 4.8EG 2.42025-06-22
A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /script/admin/system of the component System Sett…
- CVE-2025-65026CRITICALCVSS 9.6EG 6.12025-11-19
esm.sh is a nobuild content delivery network(CDN) for modern web development. Prior to version 136, The esm.sh CDN service contains a Template Literal Injection vulnerability (CWE-94) in its CSS-to-JavaScript module conversion feature. Whe…
- CVE-2025-65037CRITICALCVSS 10.0EG 10.02025-12-18
Improper control of generation of code ('code injection') in Azure Container Apps allows an unauthorized attacker to execute code over a network.
- CVE-2025-6509LOWCVSS 3.5EG 3.52025-06-23
A vulnerability was found in seaswalker spring-analysis up to 4379cce848af96997a9d7ef91d594aa129be8d71. It has been declared as problematic. Affected by this vulnerability is the function echo of the file /src/main/java/controller/SimpleCo…
- CVE-2025-65099CRITICALCVSS 9.8EG 9.82025-11-19
Claude Code is an agentic coding tool. Prior to version 1.0.39, when running on a machine with Yarn 3.0 or above, Claude Code could have been tricked to execute code contained in a project via yarn plugins before the user accepted the star…
- CVE-2025-65108CRITICALCVSS 10.0EG 10.02025-11-21
md-to-pdf is a CLI tool for converting Markdown files to PDF using Node.js and headless Chrome. Prior to version 5.2.5, a Markdown front-matter block that contains JavaScript delimiter causes the JS engine in gray-matter library to execute…
- CVE-2025-6512CRITICALCVSS 10.0EG 10.02025-06-23
On a client with a non-admin user, a script can be integrated into a report. The reports could later be executed on the BRAIN2 server with administrator rights.
- CVE-2025-65271HIGHCVSS 8.8EG 8.82025-12-08
Client-side template injection (CSTI) in Azuriom CMS admin dashboard allows a low-privilege user to execute arbitrary template code in the context of an administrator's session. This can occur via plugins or dashboard components that rende…
- CVE-2025-65294CRITICALCVSS 9.8EG 9.82025-12-10
Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 contain an undocumented remote access mechanism enabling unrestricted remote command execution.
- CVE-2025-6551MEDIUMCVSS 5.4EG 3.52025-06-24
A vulnerability was found in java-aodeng Hope-Boot 1.0.0 and classified as problematic. This issue affects the function Login of the file /src/main/java/com/hope/controller/WebController.java. The manipulation of the argument errorMsg lead…
- CVE-2025-65602CRITICALCVSS 9.8EG 9.82025-12-10
A template injection vulnerability in the /vip/v1/file/save component of ChanCMS v3.3.4 allows attackers to execute arbitrary code via a crafted POST request.
- CVE-2025-6569MEDIUMCVSS 6.1EG 4.32025-06-24
A vulnerability classified as problematic was found in code-projects School Fees Payment System 1.0. Affected by this vulnerability is an unknown functionality of the file /student.php. The manipulation of the argument sname/contact/about/…
- CVE-2025-65715HIGHCVSS 7.8EG 7.82026-02-16
An issue in the code-runner.executorMap setting of Visual Studio Code Extensions Code Runner v0.12.2 allows attackers to execute arbitrary code when opening a crafted workspace.
- CVE-2025-65716HIGHCVSS 8.8EG 8.82026-02-16
An issue in Visual Studio Code Extensions Markdown Preview Enhanced v0.8.18 allows attackers to execute arbitrary code via uploading a crafted .Md file.
- CVE-2025-65719CRITICALCVSS 9.8EG 9.82026-05-12
An issue in Open Source Kubectl MCP Server v1.1.1 allows attackers to execute arbitrary code on a victim system via user interaction with a crafted HTML page.
- CVE-2025-65817HIGHCVSS 8.8EG 8.82025-12-22
LSC Smart Connect Indoor IP Camera 1.4.13 contains a RCE vulnerability in start_app.sh.
- CVE-2025-65829MEDIUMCVSS 6.8EG 6.82025-12-10
The ESP32 system on a chip (SoC) that powers the Meatmeet basestation device was found to lack Secure Boot. The Secure Boot feature ensures that only authenticated software can execute on the device. The Secure Boot process forms a chain o…
- CVE-2025-65854CRITICALCVSS 9.8EG 9.82025-12-12
Insecure permissions in the scheduled tasks feature of MineAdmin v3.x allows attackers to execute arbitrary commands and execute a full account takeover.
- CVE-2025-66078CRITICALCVSS 9.1EG 9.12025-12-18
Improper Control of Generation of Code ('Code Injection') vulnerability in jetmonsters Hotel Booking Lite motopress-hotel-booking-lite allows Remote Code Inclusion.This issue affects Hotel Booking Lite: from n/a through <= 5.2.3.
- CVE-2025-6613MEDIUMCVSS 5.4EG 3.52025-06-25
A vulnerability classified as problematic was found in PHPGurukul Hospital Management System 4.0. Affected by this vulnerability is an unknown functionality of the file /doctor/manage-patient.php. The manipulation of the argument Name lead…
- CVE-2025-66222CRITICALCVSS 9.6EG 9.62025-12-03
DeepChat is a smart assistant uses artificial intelligence. In 0.5.0 and earlier, there is a Stored Cross-Site Scripting (XSS) vulnerability in the Mermaid diagram renderer allows an attacker to execute arbitrary JavaScript within the appl…
- CVE-2025-66224HIGHCVSS 8.8EG 8.82025-11-29
OrangeHRM is a comprehensive human resource management (HRM) system. From version 5.0 to 5.7, the application contains an input-neutralization flaw in its mail configuration and delivery workflow that allows user-controlled values to flow …
- CVE-2025-66294HIGHCVSS 8.8EG 8.82025-12-01
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a Server-Side Template Injection (SSTI) vulnerability exists in Grav that allows authenticated attackers with editor permissions to execute arbitrary commands on the server and, un…
- CVE-2025-66299HIGHCVSS 8.8EG 8.82025-12-01
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, Grav CMS is vulnerable to a Server-Side Template Injection (SSTI) that allows any authenticated user with editor permissions to execute arbitrary code on the remote server, bypassi…
- CVE-2025-66434HIGHCVSS 8.8EG 9.82025-12-15
An SSTI (Server-Side Template Injection) vulnerability exists in the get_dunning_letter_text method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates (body_text) using frappe.render_template() wit…
- CVE-2025-66435MEDIUMCVSS 4.3EG 4.32025-12-15
An SSTI (Server-Side Template Injection) vulnerability exists in the get_contract_template method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates (contract_terms) using frappe.render_template() …
- CVE-2025-66436MEDIUMCVSS 4.3EG 4.32025-12-15
An SSTI (Server-Side Template Injection) vulnerability exists in the get_terms_and_conditions method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates (terms) using frappe.render_template() with a…
- CVE-2025-66437HIGHCVSS 8.8EG 8.82025-12-15
An SSTI (Server-Side Template Injection) vulnerability exists in the get_address_display method of Frappe ERPNext through 15.89.0. This function renders address templates using frappe.render_template() with a context derived from the addre…
- CVE-2025-66438HIGHCVSS 8.8EG 9.82025-12-15
A Server-Side Template Injection (SSTI) vulnerability exists in the Frappe ERPNext through 15.89.0 Print Format rendering mechanism. Specifically, the API frappe.www.printview.get_html_and_style() triggers the rendering of the html field i…
- CVE-2025-66448HIGHCVSS 8.8EG 7.12025-12-01
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an au…
- CVE-2025-66457HIGHCVSS 8.8EG 8.82025-12-09
Elysia is a Typescript framework for request validation, type inference, OpenAPI documentation and client-server communication. Versions 1.4.17 and below are subject to arbitrary code execution from cookie config. When dynamic cookies are …
- CVE-2025-66474HIGHCVSS 8.8EG 8.82025-12-10
XWiki Rendering is a generic rendering system that converts textual input in a given syntax (wiki syntax, HTML, etc) into another syntax (XHTML, etc). Versions 16.10.9 and below, 17.0.0-rc-1 through 17.4.2 and 17.5.0-rc-1 through 17.5.0 ha…
- CVE-2025-66481CRITICALCVSS 9.6EG 9.62025-12-09
DeepChat is an open-source AI chat platform that supports cloud models and LLMs. Versions 0.5.1 and below are vulnerable to XSS attacks through improperly sanitized Mermaid content. The recent security patch for MermaidArtifact.vue is insu…
- CVE-2025-66533MEDIUMCVSS 5.3EG 7.82025-12-09
Improper Control of Generation of Code ('Code Injection') vulnerability in StellarWP GiveWP give allows Code Injection.This issue affects GiveWP: from n/a through <= 4.13.1.
Map vulnerabilities like CWE-94 to your infrastructure
EchelonGraph correlates every CVE — across CWE-94 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →