Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2659

2659 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-1324 Sangfor Operation and Maintenance Management System SSH Protocol session SessionController os command injection — Operation and Maintenance Management System 8.8 High2026-01-22
CVE-2026-23699 Ruijie AP180 Series 命令注入漏洞 — AP180(JA) V1.xx 9.8AICriticalAI2026-01-22
CVE-2021-47851 Mini Mouse 9.2.0 - Remote Code Execution — Mini Mouse 9.8 Critical2026-01-21
CVE-2021-47748 Hasura GraphQL 1.3.3 - Remote Code Execution — GraphQL 9.8 Critical2026-01-21
CVE-2025-33230 NVIDIA CUDA toolkit 命令注入漏洞 — CUDA Toolkit 7.3 High2026-01-20
CVE-2025-33228 NVIDIA CUDA toolkit 命令注入漏洞 — CUDA Toolkit 7.3 High2026-01-20
CVE-2026-22844 Zoom Node Deployments - Command Injection — Zoom Node 9.9 Critical2026-01-20
CVE-2021-47816 Thecus N4800Eco Nas Server Control Panel - Command Injection — Thecus N4800Eco Nas Server Control Panel 8.8 High2026-01-16
CVE-2026-20759 TOA TRIFORA 3 Series 操作系统命令注入漏洞 — Multiple Network Cameras TRIFORA 3 series 8.8 -2026-01-16
CVE-2021-47794 ZesleCP 3.1.9 - Remote Code Execution (RCE) (Authenticated) — ZesleCP 8.8 High2026-01-15
CVE-2026-23520 Arcane has a Command Injection in Arcane Updater Lifecycle Labels Enables RCE — arcane 9.1 Critical2026-01-15
CVE-2025-62193 NOAA PMEL Live Access Server (LAS) PyFerret command injection — Live Access Server (LAS) 9.8 Critical2026-01-15
CVE-2026-22265 Roxy-WI has a Command Injection via grep parameter in logs.py allows authenticated RCE — roxy-wi 7.5 High2026-01-15
CVE-2025-33206 NVIDIA NSIGHT Graphics 操作系统命令注入漏洞 — NSIGHT Graphics 7.8 High2026-01-14
CVE-2026-22718 Command injection vulnerability — CLI VSCode Extension 6.8 Medium2026-01-14
CVE-2023-54339 Webgrind 1.1 - Remote Command Execution (RCE) via dataFile Parameter — Webgrind 9.8 Critical2026-01-13
CVE-2022-50919 Tdarr 2.00.15 - Command Injection — Tdarr 9.8 Critical2026-01-13
CVE-2022-50909 Algo 8028 Control Panel - Remote Code Execution (RCE) (Authenticated) — Algo 8028 8.8 High2026-01-13
CVE-2026-21267 Dreamweaver Desktop | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) — Dreamweaver Desktop 8.6 High2026-01-13
CVE-2025-64155 Fortinet FortiSIEM 安全漏洞 — FortiSIEM 9.4 Critical2026-01-13
CVE-2026-0507 OS Command Injection vulnerability in SAP Application Server for ABAP and SAP NetWeaver RFCSDK — SAP Application Server for ABAP and SAP NetWeaver RFCSDK 8.4 High2026-01-13
CVE-2026-22781 TinyWeb CGI Command Injection — TinyWeb 9.8AICriticalAI2026-01-12
CVE-2026-0855 Merit LILIN|IP Camera - OS Command Injection — P2 8.8 High2026-01-12
CVE-2026-0854 Merit LILIN|NVR - OS Command Injection — DH032 8.8 High2026-01-12
CVE-2025-69269 Spectrum command injection in NCM service — DX NetOps Spectrum 8.8AIHighAI2026-01-12
CVE-2025-15502 Sangfor Operation and Maintenance Management System session SessionController os command injection — Operation and Maintenance Management System 7.3 High2026-01-10
CVE-2025-15501 Sangfor Operation and Maintenance Management System getCmd WriterHandle.getCmd os command injection — Operation and Maintenance Management System 9.8 Critical2026-01-09
CVE-2025-15500 Sangfor Operation and Maintenance Management System HTTP POST Request getHis os command injection — Operation and Maintenance Management System 9.8 Critical2026-01-09
CVE-2025-15499 Sangfor Operation and Maintenance Management System VersionController.java uploadCN os command injection — Operation and Maintenance Management System 8.8 High2026-01-09
CVE-2026-0830 Command Injection in Kiro GitLab Merge Request Helper — Kiro IDE 7.8 High2026-01-09

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2659 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.