Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2646

2646 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-6483 Wavlink WL-WN530H4 internet.cgi snprintf os command injection — WL-WN530H4 7.2 High2026-04-17
CVE-2026-21719 CubeCart 安全漏洞 — CubeCart 7.2AIHighAI2026-04-17
CVE-2026-41113 Qmail 安全漏洞 — qmail 8.1 High2026-04-16
CVE-2026-41015 Radare2 安全漏洞 — radare2 7.4 High2026-04-16
CVE-2026-6349 HGiga|iSherlock - OS Command Injection — iSherlock-base-4.5 9.8 Critical2026-04-16
CVE-2026-40261 Composer has Command Injection via Malicious Perforce Reference — composer 8.8 High2026-04-15
CVE-2026-40499 radare2 < 6.1.4 Command Injection via PDB Parser print_gvars() — radare2 7.8 -2026-04-15
CVE-2026-33414 PowerShell Command Injection in Podman HyperV Machine — podman 6.7 -2026-04-14
CVE-2026-35196 Chamilo LMS has OS Command Injection via export_all_certificates action — chamilo-lms 8.8 High2026-04-14
CVE-2026-39808 Fortinet FortiSandbox 操作系统命令注入漏洞 — FortiSandbox 9.1 Critical2026-04-14
CVE-2026-40288 PraisonAI: Critical RCE via `type: job` workflow YAML — PraisonAI 9.8 Critical2026-04-14
CVE-2026-39417 MaxKB: RCE via MCP stdio command injection in workflow engine — MaxKB 4.6 Medium2026-04-14
CVE-2026-6195 Totolink A7100RU CGI cstecgi.cgi setPasswordCfg os command injection — A7100RU 9.8 Critical2026-04-13
CVE-2026-28291 simple-git has Command Execution via Option-Parsing Bypass — git-js 8.1 High2026-04-13
CVE-2026-34188 OS Command Injection in Event Response Execution — Pandora FMS 9.8 -2026-04-13
CVE-2026-30809 OS Command Injection in WebServerModuleDebug via Blacklist Bypass leads to Remote Code Execution — Pandora FMS 9.8 -2026-04-13
CVE-2026-30806 OS Command Injection in Network Report leads to Remote Code Execution — Pandora FMS 9.8 -2026-04-13
CVE-2026-6204 LibreNMS 安全漏洞 — librenms 7.2 -2026-04-13
CVE-2026-6158 Totolink N300RH upgrade.so setUpgradeUboot os command injection — N300RH 7.3 High2026-04-13
CVE-2026-6156 Totolink A7100RU CGI cstecgi.cgi setIpQosRules os command injection — A7100RU 9.8 Critical2026-04-13
CVE-2026-6155 Totolink A7100RU CGI cstecgi.cgi setWanCfg os command injection — A7100RU 9.8 Critical2026-04-13
CVE-2026-6154 Totolink A7100RU CGI cstecgi.cgi setWizardCfg os command injection — A7100RU 9.8 Critical2026-04-13
CVE-2026-6141 danielmiessler Personal_AI_Infrastructure parse_url.ts os command injection — Personal_AI_Infrastructure 6.3 Medium2026-04-13
CVE-2026-6140 Totolink A7100RU CGI cstecgi.cgi UploadFirmwareFile os command injection — A7100RU 9.8 Critical2026-04-13
CVE-2026-6139 Totolink A7100RU CGI cstecgi.cgi UploadOpenVpnCert os command injection — A7100RU 9.8 Critical2026-04-13
CVE-2026-6138 Totolink A7100RU CGI cstecgi.cgi setAccessDeviceCfg os command injection — A7100RU 9.8 Critical2026-04-13
CVE-2026-6132 Totolink A7100RU CGI cstecgi.cgi setLedCfg os command injection — A7100RU 9.8 Critical2026-04-12
CVE-2026-6131 Totolink A7100RU CGI cstecgi.cgi setTracerouteCfg os command injection — A7100RU 9.8 Critical2026-04-12
CVE-2026-6130 chatboxai chatbox Model Context Protocol Server Management System ipc-stdio-transport.ts StdioClientTransport os command injection — chatbox 7.3 High2026-04-12
CVE-2026-6116 Totolink A7100RU CGI cstecgi.cgi setDiagnosisCfg os command injection — A7100RU 9.8 Critical2026-04-12

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2646 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.