command-injection
command-injection
- CVE-2026-8037 - Progress Kemp LoadMaster API command injection RCE
- CVE-2026-13545 - D-Link DCS-935L 1 command injection
- CVE-2026-20245 - Cisco Catalyst SD-WAN tenant upload command injection
- CVE-2026-32833 - Cudy LT300 NTP configuration command injection
- CVE-2026-11417 - aws-cdk-lib NodejsFunction bundling command injection
- CVE-2026-42563 - Dulwich merge driver path command injection
- CVE-2026-54090 - File Browser shell metacharacter command injection
- CVE-2025-11953 - React Native CLI Metro command injection
- CVE-2025-53967 - Framelink Figma MCP curl command injection
- CVE-2025-6514 - mcp-remote OAuth command injection
- CVE-2026-42271 - LiteLLM MCP stdio command execution
- CVE-2026-5058 - aws-mcp-server command injection RCE
- CVE-2026-11455 - MetaGPT Mermaid path command injection
- CVE-2026-10796 - nvm mirror version command injection
- CVE-2026-47708 - stata-mcp log_file_name command injection
- CVE-2026-30861 - WeKnora MCP stdio command injection
- CVE-2026-41010 - BOSH Director release job command injection
- GHSA-m99r-2hxc-cp3q - Flowise MCP security bypass RCE
- CVE-2026-25244 - WebdriverIO BrowserStack branch command injection
- GHSA-v6wj-c83f-v46x - profullstack MCP server command injection
- CVE-2026-41247 - elFinder ImageMagick bg command injection
- CVE-2026-40933 - Flowise MCP adapter command execution
- CVE-2026-41497 - PraisonAI MCP command injection incomplete fix
- CVE-2026-7039 - ssh-mcp description command injection
- GHSA-rpm5/GHSA-x2qx - GitPython command injection
- GHSA-vr7g-88fq-vhq3 - Paperclip workspace cleanup command injection