目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1310

100%
请我们喝杯咖啡

CWE-94 对生成代码的控制不恰当(代码注入) 类漏洞列表 1417

CWE-94 对生成代码的控制不恰当(代码注入) 类弱点 1417 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-94 指代码注入漏洞,属于输入验证缺陷。攻击者通过向程序提供恶意构造的外部输入,利用未正确过滤的特殊字符或代码片段,篡改预期代码逻辑或注入可执行指令,从而劫持系统控制权。开发者应避免直接拼接用户输入,采用白名单验证机制,并使用参数化查询或沙箱环境隔离执行上下文,确保输入数据的合法性与安全性,从根本上阻断恶意代码的注入路径。

MITRE CWE 官方描述
CWE:CWE-94 代码生成控制不当('Code Injection') 英文:产品使用来自上游组件的外部影响输入来构建代码段的全部或部分内容,但未对可能修改预期代码段语法或行为的特殊元素进行中和,或中和不正确。
常见影响 (4)
Access ControlBypass Protection Mechanism
In some cases, injectable code controls authentication; this may lead to a remote vulnerability.
Access ControlGain Privileges or Assume Identity
Injected code can access resources that the attacker is directly prevented from accessing.
Integrity, Confidentiality, AvailabilityExecute Unauthorized Code or Commands
When a product allows a user's input to contain code syntax, it might be possible for an attacker to craft the code in such a way that it will alter the intended control flow of the product. As a result, code injection can often result in the execution of arbitrary code. Code injection attacks can…
Non-RepudiationHide Activities
Often the actions performed by injected control code are unlogged.
缓解措施 (5)
Architecture and DesignRefactor your program so that you do not have to dynamically generate code.
Architecture and DesignRun your code in a "jail" or similar sandbox environment that enforces strict boundaries between the process and the operating system. This may effectively restrict which code can be executed by your product. Examples include the Unix chroot jail and AppArmor. In general, managed code may provide some protection. This may not be a feasible solution, and it only limits the impact to the operating s…
ImplementationAssume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. When performing input validation, consider all potentially relevant properties, including length, type of input, the full range…
TestingUse dynamic tools and techniques that interact with the product using large test suites with many diverse inputs, such as fuzz testing (fuzzing), robustness testing, and fault injection. The product's operation may slow down, but it should not become unstable, crash, or generate incorrect results.
OperationRun the code in an environment that performs automatic taint propagation and prevents any command execution that uses tainted variables, such as Perl's "-T" switch. This will force the program to perform validation steps that remove the taint, although you must be careful to correctly validate your inputs so that you do not accidentally mark dangerous inputs as untainted (see CWE-183 and CWE-184).
代码示例 (2)
This example attempts to write user messages to a message file and allow users to view them.
$MessageFile = "messages.out"; if ($_GET["action"] == "NewMessage") { $name = $_GET["name"]; $message = $_GET["message"]; $handle = fopen($MessageFile, "a+"); fwrite($handle, "<b>$name</b> says '$message'<hr>\n"); fclose($handle); echo "Message Saved!<p>\n"; } else if ($_GET["action"] == "ViewMessages") { include($MessageFile); }
Bad · PHP
name=h4x0r message=%3C?php%20system(%22/bin/ls%20-l%22);?%3E
Attack
edit-config.pl: This CGI script is used to modify settings in a configuration file.
use CGI qw(:standard); sub config_file_add_key { my ($fname, $key, $arg) = @_; # code to add a field/key to a file goes here } sub config_file_set_key { my ($fname, $key, $arg) = @_; # code to set key to a particular file goes here } sub config_file_delete_key { my ($fname, $key, $arg) = @_; # code to delete key from a particular file goes here } sub handleConfigAction { my ($fname, $action) = @_; my $key = param('key'); my $val = param('val'); # this is super-efficient code, especially if you have to invoke # any one of dozens of different functions! my $code = "config_file_$action_key(\$fnam
Bad · Perl
add_key(",","); system("/bin/ls");
Attack
CVE ID标题CVSS风险等级Published
CVE-2026-10688 Blender MCP server.py 代码注入漏洞 — blender-mcp 5.5 Medium2026-06-02
CVE-2026-49143 BrowserStack Runner 0.9.5 未授权远程代码执行漏洞 — browserstack-runner 8.8 High2026-06-02
CVE-2026-1829 Divi Builder ≤4.02 远程代码执行漏洞 — Content Visibility for Divi Builder 8.8 High2026-06-02
CVE-2026-47117 OpenMed < 1.5.2 PII模型加载远程代码执行漏洞 — openmed 9.8 Critical2026-06-02
CVE-2026-9311 IBM WebSphere Application Server 远程代码执行漏洞 — WebSphere Application Server 9.0 Critical2026-06-01
CVE-2026-45131 CloudPirates Helm Charts GitHub Actions 秘密泄露漏洞 — helm-charts 10.0 Critical2026-06-01
CVE-2026-45132 CloudPirates Helm Charts GitHub Actions工作流凭据泄露漏洞 — helm-charts 10.0 Critical2026-06-01
CVE-2026-10175 Aider 代码注入漏洞 — Aider 6.3 Medium2026-05-31
CVE-2026-44287 FastGPT 安全漏洞 — FastGPT 6.3 Medium2026-05-29
CVE-2026-45697 Formie for Craft CMS 安全漏洞 — formie 9.8 Critical2026-05-29
CVE-2026-41159 Mermaid 代码注入漏洞 — mermaid--2026-05-29
CVE-2026-44698 Home Assistant 安全漏洞 — core 8.3 High2026-05-29
CVE-2026-45555 Roslyn CodeLens MCP Server 安全漏洞 — roslyn-codelens-mcp 7.8 High2026-05-29
CVE-2026-43898 SandboxJS 安全漏洞 — SandboxJS 10.0 Critical2026-05-28
CVE-2026-45311 CodeWhale 代码注入漏洞 — CodeWhale 9.6 Critical2026-05-28
CVE-2026-45374 CodeWhale 代码注入漏洞 — CodeWhale 9.6 Critical2026-05-28
CVE-2026-45058 Electerm 安全漏洞 — electerm--2026-05-28
CVE-2026-45353 Electerm 安全漏洞 — electerm--2026-05-28
CVE-2026-45261 GitButler 代码注入漏洞 — gitbutler--2026-05-28
CVE-2026-44672 mapfish-print 代码注入漏洞 — mapfish-print--2026-05-28
CVE-2026-32999 WebPros Comet Backup 安全漏洞 — Comet Backup 9.1 Critical2026-05-28
CVE-2026-44887 Pi.Alert 代码注入漏洞 — Pi.Alert 9.8 Critical2026-05-27
CVE-2026-44888 Pi.Alert 代码注入漏洞 — Pi.Alert 9.8 Critical2026-05-27
CVE-2026-42879 FacturaScripts 代码问题漏洞 — facturascripts 6.3 Medium2026-05-27
CVE-2026-45719 Budibase 安全漏洞 — budibase 6.5 Medium2026-05-27
CVE-2026-6169 WordPress plugin affiliate-toolkit 代码注入漏洞 — affiliate-toolkit – Multi-Network Affiliate & Amazon Product Display 7.2 High2026-05-27
CVE-2026-8832 WordPress plugin WPCode 代码注入漏洞 — WPCode – Insert Headers and Footers + Custom Code Snippets – WordPress Code Manager 8.8 High2026-05-27
CVE-2026-9568 ThingsBoard 代码注入漏洞 — ThingsBoard 5.0 Medium2026-05-26
CVE-2026-44728 Babel 安全漏洞 — babel 8.2 High2026-05-26
CVE-2026-9170 IBM Web Server Plug-ins for IBM WebSphere Application Server and IBM WebSphere Liberty 环境问题漏洞 — HTTP Server--2026-05-26

CWE-94(对生成代码的控制不恰当(代码注入)) 是常见的弱点类别,本平台收录该类弱点关联的 1417 条 CVE 漏洞。