code-injection
code-injection
- CVE-2026-13500 - antlr ANTLR4 code injection
- CVE-2026-13500 - ANTLR4 grammar action block code injection
- CVE-2026-54271 - protobufjs-cli JSON descriptor code injection
- CVE-2026-48054 - OpenZeppelin Wizard generated test code injection
- CVE-2025-12735 - expr-eval context function RCE
- CVE-2025-3248 - Langflow validate/code unauthenticated RCE
- CVE-2026-47252 - Anyquery browser plugin AppleScript/JXA injection
- CVE-2026-44632 - Yamcs Janino expression RCE
- CVE-2026-47668 - DbGate JSON script runner unauthenticated RCE
- CVE-2026-47670 - DbGate loadReader dynamic import RCE
- CVE-2026-48017 - DbGate loadReader functionName RCE
- CVE-2026-41265 - Flowise Airtable Agent code injection RCE
- CVE-2026-41507 - math-codegen string literal RCE