Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) — Vulnerability Class 1149

1149 vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-6989 Tenda F453 Telnet Service telnet TendaTelnet command injection — F453 6.3 Medium2026-04-25
CVE-2026-6987 PicoClaw Web Launcher Management Plane restart command injection — PicoClaw 7.3 High2026-04-25
CVE-2026-6980 Divyanshu-hash GitPilot-MCP main.py repo_path command injection — GitPilot-MCP 7.3 High2026-04-25
CVE-2026-41265 Flowise: Airtable_Agent Code Injection Remote Code Execution Vulnerability — Flowise 9.6AICriticalAI2026-04-23
CVE-2026-41304 WWBN AVideo vulnerable to RCE caused by clonesite plugin — AVideo 8.8AIHighAI2026-04-21
CVE-2026-6799 Comfast CF-N1-S Endpoint mbox-config command injection — CF-N1-S 6.3 Medium2026-04-21
CVE-2026-39866 Lawnchair vulnerable to Command Injection via unquoted workflow dispatch input in release_update.yml — lawnchair 8.8AIHighAI2026-04-21
CVE-2026-4048 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF — LoadMaster 8.4 High2026-04-20
CVE-2026-3519 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF — LoadMaster 8.4 High2026-04-20
CVE-2026-3518 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF — LoadMaster 8.4 High2026-04-20
CVE-2026-3517 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF — LoadMaster 8.4 High2026-04-20
CVE-2026-6576 liangliangyy DjangoBlog WeChat Bot commonapi.py CommandHandler command injection — DjangoBlog 6.3 Medium2026-04-19
CVE-2026-30898 Apache Airflow: Bad example of BashOperator shell injection via dag_run.conf — Apache Airflow 8.8AIHighAI2026-04-18
CVE-2026-35682 Anviz CX2 Lite Command Injection — Anviz CX2 Lite Firmware 8.8 High2026-04-17
CVE-2026-21709 Veeam Backup And Replication 安全漏洞 — Backup and Replication 6.0AIMediumAI2026-04-17
CVE-2026-41153 JetBrains Junie 安全漏洞 — Junie 5.8 Medium2026-04-17
CVE-2026-23779 Dell PowerProtect Data Domain(Dell PowerProtect DD) 安全漏洞 — PowerProtect Data Domain 6.7 Medium2026-04-17
CVE-2026-23778 Dell PowerProtect Data Domain 安全漏洞 — PowerProtect Data Domain 7.2 High2026-04-17
CVE-2026-20186 Cisco Identity Services Engine Multiple Authenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine Software 9.9 Critical2026-04-15
CVE-2026-20147 Cisco Identity Services Engine Remote Code Execution Vulnerability — Cisco Identity Services Engine Software 9.9 Critical2026-04-15
CVE-2026-32183 Windows Snipping Tool Remote Code Execution Vulnerability — Windows 10 Version 1607 7.8 High2026-04-14
CVE-2026-23653 GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability — Microsoft Visual Studio Code CoPilot Chat Extension 5.7 Medium2026-04-14
CVE-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open() — CPython 9.8 -2026-04-13
CVE-2026-6219 aandrew-me ytDownloader Compressor Feature compressor.js child_process.exec command injection — ytDownloader 5.3 Medium2026-04-13
CVE-2026-6118 AstrBotDevs AstrBot MCP Endpoint tools.py add_mcp_server command injection — AstrBot 6.3 Medium2026-04-12
CVE-2026-5833 awwaiid mcp-server-taskwarrior index.ts server.setRequestHandler command injection — mcp-server-taskwarrior 5.3 Medium2026-04-09
CVE-2026-35580 Emissary has GitHub Actions Shell Injection via Workflow Inputs — emissary 9.1 Critical2026-04-07
CVE-2026-35558 Improper neutralization of special elements in authentication components in Amazon Athena ODBC driver — Amazon Athena ODBC driver 7.8 High2026-04-03
CVE-2026-5463 Pymetasploit3 安全漏洞 — pymetasploit3 8.6 High2026-04-03
CVE-2026-5339 Tenda G103 Setting gpon.lua action_set_net_settings command injection — G103 4.7 Medium2026-04-02

Vulnerabilities classified as CWE-77 (在命令中使用的特殊元素转义处理不恰当(命令注入)) represent 1149 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.