CWE-94— Improper Control of Generation of Code (Code Injection)
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.— MITRE CWE catalog
6,503 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-94page 127 of 131
- CVE-2026-55771HIGHCVSS 8.8EG 8.82026-07-13
CedarJava is an open source Java implementation of the Cedar policy language, used for fine-grained authorization decisions. In versions prior to 4.9.0, the EntityIdentifier.equals() has inverted null/self branches which could lead to inco…
- CVE-2026-55773HIGHCVSS 8.8EG 8.82026-06-19
CedarJava is an open source Java implementation of the Cedar policy language, used for fine-grained authorization decisions. In versions prior to 2.3.6, 3.4.1 and 4.9.0, under certain circumstances, improper input handling could allow Ceda…
- CVE-2026-55794HIGHCVSS 8.7EG 8.72026-07-02
Craft CMS is a content management system (CMS). In versions 5.9.0 and above prior to 5.10.0, control panel users with the ability to edit entries can execute unsandboxed Twig code via the HTTP Referrer header, potentially leading to authen…
- CVE-2026-5584HIGHCVSS 7.3EG 7.32026-04-05
A vulnerability has been found in Fosowl agenticSeek 0.1.0. Impacted is the function PyInterpreter.execute of the file sources/tools/PyInterpreter.py of the component query Endpoint. Such manipulation leads to code injection. The attack ca…
- CVE-2026-55895HIGHCVSS 7.8EG 7.82026-06-25
Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile() in the netrw plugin (runtime/pack/dist/opt/netrw/autoload/netrw.vim) when deleting a local file fro…
- CVE-2026-5594MEDIUMCVSS 6.3EG 6.32026-04-05
A weakness has been identified in premAI-io premsql up to 0.2.1. Affected is the function eval of the file premsql/agents/baseline/workers/followup.py. This manipulation of the argument result causes code injection. The attack is possible …
- CVE-2026-56049HIGHCVSS 8.5EG 8.52026-06-25
Contributor Remote Code Execution (RCE) in Post Snippets <= 4.0.19 versions. Contributor Remote Code Execution (RCE) in Post Snippets <= 4.0.19 versions.
- CVE-2026-5615MEDIUMCVSS 4.3EG 4.32026-04-06
A weakness has been identified in givanz Vvvebjs up to 2.0.5. The affected element is an unknown function of the file upload.php of the component File Upload Endpoint. This manipulation of the argument uploadAllowExtensions causes cross si…
- CVE-2026-56185MEDIUMCVSS 6.5EG 6.52026-07-14
Improper authentication in Windows Admin Center allows an authorized attacker to disclose information over a network.
- CVE-2026-5625MEDIUMCVSS 4.3EG 4.32026-04-06
A weakness has been identified in assafelovic gpt-researcher up to 3.4.3. This issue affects some unknown processing of the file gpt_researcher/skills/researcher.py of the component WebSocket Interface. Executing a manipulation of the argu…
- CVE-2026-56264HIGHCVSS 8.1EG 8.12026-07-01
Crawl4AI before 0.8.7 contains an arbitrary JavaScript execution vulnerability in the Docker API server's /execute_js endpoint, which accepts and executes arbitrary user-supplied JavaScript in the server's browser context with --disable-we…
- CVE-2026-5630MEDIUMCVSS 4.3EG 4.32026-04-06
A flaw has been found in assafelovic gpt-researcher up to 3.4.3. The impacted element is an unknown function of the file backend/server/app.py of the component Report API. This manipulation causes cross site scripting. The attack is possib…
- CVE-2026-5631HIGHCVSS 7.3EG 7.32026-04-06
A vulnerability has been found in assafelovic gpt-researcher up to 3.4.3. This affects the function extract_command_data of the file backend/server/server_utils.py of the component ws Endpoint. Such manipulation of the argument args leads …
- CVE-2026-56382HIGHCVSS 7.2EG 7.22026-06-21
Craft CMS (composer package craftcms/cms) versions >= 5.5.0 and <= 5.9.13 contain a remote code execution vulnerability in the FieldsController::actionRenderCardPreview() method, which passes the fieldLayoutConfig POST parameter directly t…
- CVE-2026-5643LOWCVSS 2.4EG 2.42026-04-06
A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of the component Admin Add Endpoint. Such man…
- CVE-2026-5644LOWCVSS 2.4EG 2.42026-04-06
A security flaw has been discovered in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. Affected is an unknown function of the file /admin/Add%20notice/batch-notice.php. Performing a manipulation of the a…
- CVE-2026-56446HIGHCVSS 7.2EG 7.22026-06-22
MISP allowed a site administrator to configure an arbitrary filesystem path for the NDJSON error log used by JsonLogTool. Because log entries can include attacker-controlled content, an authenticated attacker with site administrator privil…
- CVE-2026-5647LOWCVSS 2.4EG 2.42026-04-06
A vulnerability was detected in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /admin/admin_feature.php of the component Add Product Page. The manipulation of the argument product_name results in cross site s…
- CVE-2026-5668LOWCVSS 2.4EG 2.42026-04-06
A flaw has been found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This affects an unknown part of the file /admin/Add%20notice/add%20notice.php. This manipulation of the argument $_SERVER['PHP_SEL…
- CVE-2026-5671MEDIUMCVSS 4.3EG 4.32026-04-06
A vulnerability was determined in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. Impacted is an unknown function of the file /admin/class%20schedule/delete_batch.php of the component Class Schedule Dele…
- CVE-2026-5705MEDIUMCVSS 4.3EG 4.32026-04-07
A vulnerability was identified in code-projects Online Hotel Booking 1.0. Affected by this vulnerability is an unknown functionality of the file /booknow.php of the component Booking Endpoint. Such manipulation of the argument roomname lea…
- CVE-2026-57315HIGHCVSS 8.5EG 8.52026-06-26
Contributor Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.45 versions.
- CVE-2026-5739HIGHCVSS 7.3EG 7.32026-04-07
A security flaw has been discovered in PowerJob 5.1.0/5.1.1/5.1.2. The affected element is the function GroovyEvaluator.evaluate of the file /openApi/addWorkflowNode of the component OpenAPI Endpoint. The manipulation of the argument nodeP…
- CVE-2026-57456HIGHCVSS 7.8EG 7.82026-06-25
Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion (runtime/autoload/python3complete.vim and the legacy pythoncomplete.vim) executes reconstructed function and class definitions from the curren…
- CVE-2026-57572CRITICALCVSS 10.0EG 10.02026-07-06
Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, the Docker API server accepted request-supplied browser_config.extra_args, which flowed into Chromium's launch arguments. An attacker could inject Chromium sw…
- CVE-2026-5760CRITICALCVSS 9.8EG 9.82026-04-20
SGLang's reranking endpoint (/v1/rerank) achieves Remote Code Execution (RCE) when a model file containing a malcious tokenizer.chat_template is loaded, as the Jinja2 chat templates are rendered using an unsandboxed jinja2.Environment().
- CVE-2026-57624CRITICALCVSS 10.0EG 10.02026-07-02
Unauthenticated Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.46 versions.
- CVE-2026-57811CRITICALCVSS 10.0EG 10.02026-07-13
Improper Control of Generation of Code ('Code Injection') vulnerability in Realtyna Realtyna Organic IDX plugin real-estate-listing-realtyna-wpl allows Remote Code Inclusion.This issue affects Realtyna Organic IDX plugin: from n/a through …
- CVE-2026-58025CRITICALCVSS 9.8EG 9.82026-07-01
Deserialization of untrusted data vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Import/WikiImporter.Php, includes/Import/WikiRevision.Php, includes/Logging/LogEntryBase.Php.…
- CVE-2026-5806LOWCVSS 3.5EG 3.52026-04-08
A security vulnerability has been detected in code-projects Easy Blog Site 1.0. This affects an unknown function of the file /posts/update.php. The manipulation of the argument postTitle leads to cross site scripting. The attack may be ini…
- CVE-2026-5808MEDIUMCVSS 4.3EG 4.32026-04-08
A vulnerability was detected in openstatusHQ openstatus up to 1b678e71a85961ae319cbb214a8eae634059330c. This impacts an unknown function of the file apps/dashboard/src/app/(dashboard)/onboarding/client.tsx of the component Onboarding Endpo…
- CVE-2026-5810LOWCVSS 3.5EG 3.52026-04-08
A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /delete.php of the component GET Parameter Handler. This manipulation of the argument ID causes cross site scripting. Remot…
- CVE-2026-58116HIGHCVSS 8.8EG 9.82026-06-30
LLaMA-Factory through 0.9.5 contains a remote code execution vulnerability that allows attackers with WebUI access to execute arbitrary Python code by supplying a malicious model path in the Chat or Training interfaces. The application pas…
- CVE-2026-58138CRITICALCVSS 9.8EG 9.82026-06-30
Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript o…
- CVE-2026-5825MEDIUMCVSS 4.3EG 4.32026-04-09
A vulnerability was detected in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /delmemberinfo.php. Performing a manipulation of the argument userid results in cross site scripting. The attack c…
- CVE-2026-5826MEDIUMCVSS 4.3EG 4.32026-04-09
A flaw has been found in code-projects Simple IT Discussion Forum 1.0. This issue affects some unknown processing of the file /edit-category.php. Executing a manipulation of the argument Category can lead to cross site scripting. The attac…
- CVE-2026-5834LOWCVSS 2.4EG 2.42026-04-09
A vulnerability was detected in code-projects Online Shoe Store 1.0. Affected is an unknown function of the file /admin/admin_running.php. Performing a manipulation of the argument product_name results in cross site scripting. It is possib…
- CVE-2026-5835LOWCVSS 2.4EG 2.42026-04-09
A flaw has been found in code-projects Online Shoe Store 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin_football.php. Executing a manipulation of the argument product_name can lead to cross site sc…
- CVE-2026-5836LOWCVSS 2.4EG 2.42026-04-09
A vulnerability has been found in code-projects Online Shoe Store 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_product.php. The manipulation of the argument product_name leads to cross site scripting. …
- CVE-2026-58449CRITICALCVSS 9.8EG 9.82026-06-30
txtai through 9.10.0, fixed in commit 11b32da, exposes an API /reindex endpoint whose function body parameter is resolved through txtai.util.Resolver, which performs __import__ and getattr on the caller-supplied dotted path with no allowli…
- CVE-2026-58454HIGHCVSS 7.5EG 7.52026-07-01
JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a remote code execution vulnerability that allows authenticated attackers to execute arbitrary shell scripts by writing to the writable persistent JFFS2 storage p…
- CVE-2026-5848MEDIUMCVSS 4.7EG 4.72026-04-09
A vulnerability was found in jeecgboot JimuReport up to 2.3.0. The affected element is the function DriverManager.getConnection of the file /drag/onlDragDataSource/testConnection of the component Data Source Handler. Performing a manipulat…
- CVE-2026-58655HIGHCVSS 8.8EG 8.82026-07-15
The bundled Grav Flex Objects plugin (getgrav/grav-plugin-flex-objects) before 1.4.0 contains a stored server-side template injection vulnerability. When rendering dynamic collection or object titles, the plugin passes user-controlled fron…
- CVE-2026-59216CRITICALCVSS 9.0EG 9.02026-07-09
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, get_event_call delivered execute:python and execute:tool Socket.IO events to a client-supplied session_id after checking only that the s…
- CVE-2026-5970HIGHCVSS 7.3EG 7.32026-04-09
A vulnerability was detected in FoundationAgents MetaGPT up to 0.8.1. This affects the function check_solution of the component HumanEvalBenchmark/MBPPBenchmark. Performing a manipulation results in code injection. The attack may be initia…
- CVE-2026-5971HIGHCVSS 7.3EG 7.32026-04-09
A flaw has been found in FoundationAgents MetaGPT up to 0.8.1. This vulnerability affects the function ActionNode.xml_fill of the file metagpt/actions/action_node.py of the component XML Handler. Executing a manipulation can lead to improp…
- CVE-2026-59821HIGHCVSS 7.2EG 7.22026-07-08
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.82.0-stable, LiteLLM's Custom Code Guardrails production create and update paths did not apply the same sandboxing and validation used by the …
- CVE-2026-59826CRITICALCVSS 9.1EG 9.12026-07-09
Metabase is an open-source business intelligence and embedded analytics tool. From 1.55.0 until 1.58.15.1, 1.59.12, 1.60.6.3, and 1.61.2, Metabase did not validate unsafe H2 connection properties on one database-creation code path, allowin…
- CVE-2026-59833HIGHCVSS 8.6EG 8.62026-07-09
SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, SiYuan renders note and package content to HTML through the Lute engine with sanitization enabled, but Lute's dangerous javascript scheme block does not check f…
- CVE-2026-59856HIGHCVSS 7.8EG 7.82026-07-09
Vim is an open source, command line text editor. Prior to 9.2.0736, the PHP omni-completion script in runtime/autoload/phpcomplete.vim interpolates a class or trait name, taken from the contents of the edited buffer, into a search() patter…
Map vulnerabilities like CWE-94 to your infrastructure
EchelonGraph correlates every CVE — across CWE-94 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →