Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2646

2646 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-64340 FastMCP has a Command Injection vulnerability - Gemini CLI — fastmcp 6.7 Medium2026-04-03
CVE-2026-5355 Trendnet TEW-657BRM setup.cgi vpn_drop os command injection — TEW-657BRM 6.3 Medium2026-04-02
CVE-2026-5354 Trendnet TEW-657BRM setup.cgi vpn_connect os command injection — TEW-657BRM 6.3 Medium2026-04-02
CVE-2026-5353 Trendnet TEW-657BRM setup.cgi ping_test os command injection — TEW-657BRM 6.3 Medium2026-04-02
CVE-2026-5352 Trendnet TEW-657BRM setup.cgi edit os command injection — TEW-657BRM 6.3 Medium2026-04-02
CVE-2026-5351 Trendnet TEW-657BRM setup.cgi add_wps_client os command injection — TEW-657BRM 6.3 Medium2026-04-02
CVE-2026-33641 Glances Vulnerable to Command Injection via Dynamic Configuration Values — glances 7.8 High2026-04-02
CVE-2026-34797 Endian Firewall /cgi-bin/logs_smtp.cgi DATE Perl Command Injection — Endian Firewall 8.8 High2026-04-02
CVE-2026-34796 Endian Firewall /cgi-bin/logs_openvpn.cgi DATE Perl Command Injection — Endian Firewall 8.8 High2026-04-02
CVE-2026-34795 Endian Firewall /cgi-bin/logs_log.cgi DATE Perl Command Injection — Endian Firewall 8.8 High2026-04-02
CVE-2026-34793 Endian Firewall /cgi-bin/logs_firewall.cgi DATE Perl Command Injection — Endian Firewall 8.8 High2026-04-02
CVE-2026-34794 Endian Firewall /cgi-bin/logs_ids.cgi DATE Perl Command Injection — Endian Firewall 8.8 High2026-04-02
CVE-2026-34792 Endian Firewall /cgi-bin/logs_clamav.cgi DATE Perl Command Injection — Endian Firewall 8.8 High2026-04-02
CVE-2026-34791 Endian Firewall /cgi-bin/logs_proxy.cgi DATE Perl Command Injection — Endian Firewall 8.8 High2026-04-02
CVE-2026-3692 Unintended command execution during report generation in Progress Flowmon — Flowmon 8.8AIHighAI2026-04-02
CVE-2026-33613 MB connect line mbCONNECT24 vulnerable to RCE in generateSrpArray — mbCONNECT24 7.2 High2026-04-02
CVE-2026-1345 Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access — Verify Identity Access Container 7.3 High2026-04-01
CVE-2026-24154 NVIDIA Jetson Linux 操作系统命令注入漏洞 — Jetson Xavier Series, Jetson Orin Series and Jetson Thor 7.6 High2026-03-31
CVE-2026-0596 Command Injection in mlflow/mlflow — mlflow/mlflow 7.8 -2026-03-31
CVE-2025-14213 Cato's Socket WebUI is vulnerable to OS Command Injection — Socket 8.8AIHighAI2026-03-31
CVE-2026-32917 OpenClaw < 2026.3.13 - Remote Command Injection via Unsanitized iMessage Attachment Paths in SCP — OpenClaw 9.8 Critical2026-03-31
CVE-2026-30877 baserCMS: OS Command Injection in the baserCMS Update Functionality — basercms 9.1 Critical2026-03-31
CVE-2026-30880 baserCMS: OS command injection vulnerability in installer — basercms 9.8AICriticalAI2026-03-31
CVE-2026-21861 baserCMS: OS Command Injection Leading to Remote Code Execution (RCE) — basercms 9.1 Critical2026-03-31
CVE-2026-34714 Vim 操作系统命令注入漏洞 — Vim 9.2 Critical2026-03-30
CVE-2026-33030 Nginx UI: Unencrypted Storage of DNS API Tokens and ACME Private Keys — nginx-ui 8.8 High2026-03-30
CVE-2026-5125 raine consult-llm-mcp server.ts child_process.execSync os command injection — consult-llm-mcp 5.3 Medium2026-03-30
CVE-2026-4946 NSA Ghidra Auto-Analysis Annotation Command Execution — Ghidra 8.8 High2026-03-29
CVE-2026-34005 Xiongmai DVR/NVR 操作系统命令注入漏洞 — DVR/NVR devices 8.8 High2026-03-29
CVE-2026-5023 DeDeveloper23 codebase-mcp RepoMix codebase.ts saveCodebase os command injection — codebase-mcp 5.3 Medium2026-03-29

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2646 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.