CWE-74: Improper Neutralization of Special Elements (Injection) — known CVE vulnerabilities
CVEs classified under CWE-74 (Improper Neutralization of Special Elements (Injection)), ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2026-25586 — CVSS 10.0 (critical): SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, a sandbox escape is possible by shadowing hasOwnProperty on a sandbox…
CVE-2026-25520 — CVSS 10.0 (critical): SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, The return values of functions aren't wrapped. Object.values/Object.entries…
CVE-2025-20265 — CVSS 10.0 (critical): A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center (FMC) Software could allow an…
CVE-2024-42472 — CVSS 10.0 (critical): Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised…
CVE-2024-42489 — CVSS 10.0 (critical): Pro Macros provides XWiki rendering macros. Missing escaping in the Viewpdf macro allows any user with view right on the…
CVE-2024-38366 — CVSS 10.0 (critical): trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. The part of trunk which verifies whether a user has…
CVE-2023-1523 — CVSS 10.0 (critical): Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it…
CVE-2022-31126 — CVSS 10.0 (critical): Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a…
CVE-2021-41163 — CVSS 10.0 (critical): Discourse is an open source platform for community discussion. In affected versions maliciously crafted requests could lead to remote code…
CVE-2020-26282 — CVSS 10.0 (critical): BrowserUp Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR file…
CVE-2020-15164 — CVSS 10.0 (critical): in Scratch Login (MediaWiki extension) before version 1.1, any account can be logged into by using the same username with leading…
CVE-2018-21268 — CVSS 10.0 (critical): The traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs…
CVE-2014-8423 — CVSS 10.0 (critical): Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to execute arbitrary commands…
CVE-2025-55343 — CVSS 9.9 (critical): Quipux 4.0.1 through e1774ac allows authenticated users to conduct SQL injection attacks via busqueda/busqueda.php txt_depe_codi…
CVE-2023-37462 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Improper escaping in the document…
CVE-2023-36470 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. By either creating a new or…
CVE-2023-36469 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can edit their own…
CVE-2023-29527 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions a user…
CVE-2023-29526 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible…
CVE-2023-29525 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Affected versions of xwiki are…
CVE-2023-29524 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to execute anything…
CVE-2023-29523 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can edit their own…
CVE-2023-29522 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights can…
CVE-2023-29518 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights can…
CVE-2023-29516 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights on…
CVE-2023-29514 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit rights on any…
CVE-2023-29512 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit rights on a…
CVE-2023-29510 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In XWiki, every user can add…
CVE-2023-25616 — CVSS 9.9 (critical): In some scenario, SAP Business Objects Business Intelligence Platform (CMC) - versions 420, 430, Program Object execution can lead to code…
CVE-2023-27479 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with…
CVE-2022-2992 — CVSS 9.9 (critical): A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated…
CVE-2022-36084 — CVSS 9.9 (critical): cruddl is software for creating a GraphQL API for a database, using the GraphQL SDL to model a schema. If cruddl starting with version…
CVE-2016-9832 — CVSS 9.9 (critical): PricewaterhouseCoopers (PwC) ACE-ABAP 8.10.304 for SAP Security allows remote authenticated users to conduct ABAP injection attacks and…
CVE-2026-6279 — CVSS 9.8 (critical): The Avada Builder (fusion-builder) plugin for WordPress is vulnerable to Unauthenticated Remote Code Execution via PHP Function Injection…
CVE-2026-34041 — CVSS 9.8 (critical): act is a project which allows for local running of github actions. Prior to version 0.2.86, act unconditionally processes the deprecated…
CVE-2026-4164 — CVSS 9.8 (critical): A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function Delete_Mac_list/SetName/GuestWifi of the file…
CVE-2026-4163 — CVSS 9.8 (critical): A vulnerability was detected in Wavlink WL-WN579A3 220323. This issue affects the function SetName/GuestWifi of the file…
CVE-2026-26002 — CVSS 9.8 (critical): Open OnDemand is an open-source high-performance computing portal. The Files application in OnDemand versions prior to 4.0.9 and 4.1.3 is…
CVE-2026-27727 — CVSS 9.8 (critical): mchange-commons-java, a library that provides Java utilities, includes code that mirrors early implementations of JNDI functionality…
CVE-2026-27194 — CVSS 9.8 (critical): D-Tale is a visualizer for pandas data structures. Versions prior to 3.20.0 are vulnerable to Remote Code Execution through the…
CVE-2026-25814 — CVSS 9.8 (critical): PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, User-controlled query parameters are…
CVE-2025-64428 — CVSS 9.8 (critical): Dataease is an open source data visualization analysis tool. Versions prior to 2.10.17 are vulnerable to JNDI injection. A blacklist was…
CVE-2025-58046 — CVSS 9.8 (critical): Dataease is an open-source data visualization and analysis platform. In versions up to and including 2.10.12, the Impala data source is…
CVE-2025-56266 — CVSS 9.8 (critical): A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL.
CVE-2024-8309 — CVSS 9.8 (critical): A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection…
CVE-2024-46997 — CVSS 9.8 (critical): DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by…