CWE-94— Improper Control of Generation of Code (Code Injection)
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.— MITRE CWE catalog
6,503 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-94page 126 of 131
- CVE-2026-50178HIGHCVSS 8.8EG 8.82026-06-22
The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. the client-side Angular Language Service VS Code extension configures the tooltip Markdown renderer with the isTrusted: true option (l…
- CVE-2026-50223HIGHCVSS 8.8EG 8.82026-06-11
Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz allows a low-privileged authenticated user with Content/DataResource editing privileges to perform template injection attacks that could lead to Remote…
- CVE-2026-50650HIGHCVSS 7.8EG 7.82026-07-14
Improper control of generation of code ('code injection') in .NET Framework allows an unauthorized attacker to elevate privileges locally.
- CVE-2026-50741HIGHCVSS 8.8EG 8.82026-06-26
Bypass to the fix for CVE-2026-34916. Variants of such vectors have been also reported by phucrio and offsetmd. The fix can be bypassed either by sending a disallowed but otherwise valid plugin identifier as `type`, or using the `ox.setCha…
- CVE-2026-50871CRITICALCVSS 9.8EG 9.82026-06-15
An OS command injection vulnerability in the media archiving and export pipeline component of kanishka-linux Reminiscence v0.3.0 allows attackers to execute arbitrary commands via supplying a crafted input.
- CVE-2026-50872CRITICALCVSS 9.8EG 9.82026-06-15
An issue in the loopback request handling component of fossar selfoss v2.20-SNAPSHOT allows attackers to execute arbitrary commands and obtain sensitive information via supplying a crafted HTTP request.
- CVE-2026-50880CRITICALCVSS 9.8EG 9.82026-06-15
An issue in the sendmail transport integration component of YouTransfer v1.0.6 allows attackers to execute arbitrary code via supplying a crafted request.
- CVE-2026-52200CRITICALCVSS 9.8EG 9.82026-07-08
An issue in Generic OEM UZ801_v2.1 4G LTE Router V3.4.3 allows a remote attacker to execute arbitrary code via the /ajax web management API endpoint in MifiService.apk
- CVE-2026-5240MEDIUMCVSS 4.3EG 4.32026-04-01
A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. This affects an unknown part of the file /admin_state.php. The manipulation of the argument statename leads to cross site scripting. It is possible …
- CVE-2026-5249LOWCVSS 3.5EG 3.52026-04-01
A vulnerability was found in gougucms 4.08.18. This impacts an unknown function of the file \gougucms-master\app\admin\view\user\record.html of the component Record Endpoint. Performing a manipulation of the argument value.content results …
- CVE-2026-5252LOWCVSS 3.5EG 3.52026-04-01
A security flaw has been discovered in z-9527 admin 1.0/2.0. Affected is an unknown function of the file /server/routes/message.js of the component Message Create Endpoint. Performing a manipulation results in cross site scripting. The att…
- CVE-2026-5253LOWCVSS 3.5EG 3.52026-04-01
A weakness has been identified in bufanyun HotGo 1.0/2.0. Affected by this vulnerability is an unknown functionality of the file /web/src/layout/components/Header/MessageList.vue of the component editNotice Endpoint. Executing a manipulati…
- CVE-2026-5254LOWCVSS 3.5EG 3.52026-04-01
A security vulnerability has been detected in welovemedia FFmate up to 2.0.15. Affected by this issue is some unknown functionality of the file /ui/app/components/AppJsonTreeView.vue of the component Webhook Handler. The manipulation leads…
- CVE-2026-5255MEDIUMCVSS 4.3EG 4.32026-04-01
A vulnerability was detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /delstaffinfo.php of the component Parameter Handler. The manipulation of the argument userid results in cross site scripting…
- CVE-2026-52704CRITICALCVSS 10.0EG 10.02026-06-15
Improper Control of Generation of Code ('Code Injection') vulnerability in Edgar Rojas WooCommerce PDF Invoice Builder allows Remote Code Inclusion. This issue affects WooCommerce PDF Invoice Builder: from n/a through 2.0.8.
- CVE-2026-52778CRITICALCVSS 9.8EG 9.82026-06-08
YesWiki is a wiki system written in PHP. Prior to version 4.6.6, an unsafe execution vulnerability exists in the Bazar form field calculator (CalcField.php) of YesWiki. The application attempts to sanitize user-defined mathematical formula…
- CVE-2026-52858HIGHCVSS 7.8EG 7.82026-06-11
Vim is an open source, command line text editor. Prior to version 9.2.0561, the Python omni-completion script in python3complete.vim for Vim with the +python3 interpreter enabled (and the legacy pythoncomplete.vim for builds with the +pyth…
- CVE-2026-52860HIGHCVSS 7.8EG 7.82026-06-11
Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec() as part of populating the completion diction…
- CVE-2026-5319MEDIUMCVSS 4.3EG 4.32026-04-02
A security vulnerability has been detected in itsourcecode Payroll Management System up to 1.0. Affected is an unknown function of the file /navbar.php. Such manipulation of the argument page leads to cross site scripting. It is possible t…
- CVE-2026-5325LOWCVSS 3.5EG 3.52026-04-02
A vulnerability was determined in SourceCodester Simple Customer Relationship Management System 1.0. This issue affects some unknown processing of the file /create-ticket.php of the component Create Ticket. This manipulation of the argumen…
- CVE-2026-5332LOWCVSS 3.5EG 3.52026-04-02
A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cross site scripting. Remote exploitation of…
- CVE-2026-53511HIGHCVSS 8.5EG 8.52026-07-07
calibre is an e-book manager. Prior to 9.10.0, a malicious EPUB, OPF, or PDF file can execute arbitrary Python code when its metadata is read by calibre, including through Add books or Edit books, by embedding a custom column definition wi…
- CVE-2026-53576CRITICALCVSS 10.0EG 10.02026-06-26
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the authentication filter for the REST API (@Filter("/api/v1/**")) treats any request whose path ends in /configs as the public instance-config endp…
- CVE-2026-53597HIGHCVSS 8.7EG 8.72026-07-16
Prompty is a markdown file format (.prompty) for LLM prompts. From 2.0.0-alpha.1 until 2.0.0-beta.3, the @prompty/core TypeScript loader in runtime/typescript/packages/core/src/core/loader.ts used gray-matter without overriding executable …
- CVE-2026-5366CRITICALCVSS 9.9EG 9.92026-06-20
Prefect version 3.6.23 is vulnerable to remote code execution due to improper handling of user-controlled input in the `GitRepository` storage class. The `commit_sha` parameter, which is passed to git commands, lacks validation and does no…
- CVE-2026-5370LOWCVSS 3.5EG 3.52026-04-02
A vulnerability was identified in krayin laravel-crm up to 2.2. Impacted is the function composeMail of the file packages/Webkul/Admin/tests/e2e-pw/tests/mail/inbox.spec.ts of the component Activities Module/Notes Module. The manipulation …
- CVE-2026-53751HIGHCVSS 8.7EG 8.72026-07-07
DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the H2 database JDBC URL validation logic can be bypassed with special Unicode characters whose case-conversion behavior differs between DataEase validation…
- CVE-2026-53753CRITICALCVSS 10.0EG 10.02026-06-16
Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.7, the _safe_eval_expression() function in the computed fields feature uses an AST validator that only blocks attributes starting with underscore. Python generator…
- CVE-2026-53951HIGHCVSS 8.8EG 8.82026-07-08
Copier is a library and CLI app for rendering project templates. In versions 9.5.0 through 9.15.1, the `trust` setting's prefix match (`copier/_settings.py`) compares the template URL against a trusted prefix with a raw `str.startswith` an…
- CVE-2026-54057HIGHCVSS 7.8EG 7.82026-06-12
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.3, kitty's OSC 21 (color-control) query reply reflects attacker-controlled bytes, including newlines, into the shell's input without sanitization. Version 0.47.3 fixes…
- CVE-2026-54074HIGHCVSS 7.8EG 7.82026-06-19
Tina is a headless content management system. @tinacms/cli versions prior to 2.4.3 contain a Remote Code Execution vulnerability in the Forestry-to-Tina migration command. The internal helper addVariablesToCode unquotes any value matching …
- CVE-2026-54133CRITICALCVSS 9.8EG 9.82026-06-12
jmespath.php allows users to use JMESPath, software for declaratively specifying how to extract elements from a JSON document, in PHP applications with PHP data structures. Versions prior to 2.9.1 can generate and execute attacker-controll…
- CVE-2026-54271HIGHCVSS 8.2EG 8.22026-06-15
protobufjs-cli is the command line add-on for protobuf.js. Prior to 1.3.2 and 2.5.0, a previous fix for unsafe name handling in pbjs static / static-module code generation was incomplete. Affected versions of protobufjs-cli could still emi…
- CVE-2026-5468LOWCVSS 3.5EG 3.52026-04-03
A security flaw has been discovered in Casdoor 2.356.0. This affects the function dangerouslySetInnerHTML. Performing a manipulation of the argument formCss/formCssMobile/formSideHtml results in cross site scripting. The attack can be init…
- CVE-2026-54769CRITICALCVSS 10.0EG 10.02026-07-06
Langroid is a framework for building large-language-model-powered applications. Versions prior to 0.65.2 are vulnerable to a critical Sandbox Escape leading to Remote Code Execution (RCE) in its `TableChatAgent` and `VectorStore` capabilit…
- CVE-2026-54816HIGHCVSS 7.5EG 7.52026-06-17
Improper Control of Generation of Code ('Code Injection') vulnerability in Monetizemore Advanced Ads allows Remote Code Inclusion. This issue affects Advanced Ads: from n/a through 2.0.21.
- CVE-2026-54823CRITICALCVSS 9.9EG 9.92026-06-25
Contributor Remote Code Execution (RCE) in Widget Options <= 4.2.3 versions.
- CVE-2026-5533MEDIUMCVSS 4.3EG 4.32026-04-05
A vulnerability was determined in badlogic pi-mono 0.58.4. The impacted element is an unknown function of the file packages/web-ui/src/tools/artifacts/SvgArtifact.ts of the component SVG Artifact Handler. This manipulation causes cross sit…
- CVE-2026-55388HIGHCVSS 8.1EG 8.12026-06-18
piscina is a node.js worker pool implementation. Prior to 6.0.0-rc.2, 5.2.0, and 4.9.3, piscina's constructor and run() paths read the filename option via plain member access. Both reads fall through the prototype chain when the caller's o…
- CVE-2026-5539MEDIUMCVSS 4.3EG 4.32026-04-05
A flaw has been found in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /modifymember.php of the component Parameter Handler. This manipulation of the argument firstName causes cross site scripting. The a…
- CVE-2026-55408HIGHCVSS 8.4EG 8.42026-07-07
Koodo Reader is an ebook reader. In version 2.3.0 and earlier, Koodo Reader is vulnerable to remote code execution through malicious EPUB files because the open-book IPC handler enables nodeIntegrationInSubFrames and EPUB chapter content i…
- CVE-2026-5541MEDIUMCVSS 4.3EG 4.32026-04-05
A vulnerability was found in code-projects Simple Laundry System 1.0. This issue affects some unknown processing of the file /modmemberinfo.php of the component Parameter Handler. Performing a manipulation of the argument userid results in…
- CVE-2026-55413CRITICALCVSS 9.4EG 9.42026-06-25
ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.178-lts, any authenticated user with builder role (free tier) can overwrite a globally-shared mar…
- CVE-2026-5542MEDIUMCVSS 4.3EG 4.32026-04-05
A vulnerability was determined in code-projects Simple Laundry System 1.0. Impacted is an unknown function of the file /modstaffinfo.php of the component Parameter Handler. Executing a manipulation of the argument userid can lead to cross …
- CVE-2026-55441HIGHCVSS 8.6EG 8.62026-06-23
mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.4, mise's trust feature gates config files (mise.toml, .tool-versions) through trust_check, but task-include files are loaded on a path that never reaches it. …
- CVE-2026-5556MEDIUMCVSS 6.3EG 6.32026-04-05
A security vulnerability has been detected in badlogic pi-mono up to 0.58.4. This vulnerability affects the function discoverAndLoadExtensions of the file packages/coding-agent/src/core/extensions/loader.ts. The manipulation leads to code …
- CVE-2026-55570CRITICALCVSS 9.0EG 9.02026-06-24
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, it does not escape the untrusted fields (name, version, author, description) when they are serialized into the data-obj HTML attribute of each marketplace card.…
- CVE-2026-55576HIGHCVSS 8.8EG 8.82026-07-15
MaaAssistantArknights is a one-click tool for daily Arknights tasks. In the current dev-v2 workflow, .github/workflows/release-preparation.yml inlined attacker-controlled github.event.pull_request.title into a run: shell command during the…
- CVE-2026-5562HIGHCVSS 7.3EG 7.32026-04-05
A vulnerability was identified in provectus kafka-ui up to 0.7.2. This impacts the function validateAccess of the file /api/smartfilters/testexecutions of the component Endpoint. The manipulation leads to code injection. The attack can be …
- CVE-2026-5568LOWCVSS 3.5EG 3.52026-04-05
A vulnerability has been found in Akaunting up to 3.1.21. This issue affects some unknown processing of the component Invoice/Billing. The manipulation of the argument notes leads to cross site scripting. The attack is possible to be carri…
Map vulnerabilities like CWE-94 to your infrastructure
EchelonGraph correlates every CVE — across CWE-94 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →