CWE-707
Improper Neutralization
Description
The product does not ensure or incorrectly ensures that structured messages or data are well-formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-250 · CAPEC-276 · CAPEC-277 · CAPEC-278 · CAPEC-279 · CAPEC-3 · CAPEC-43 · CAPEC-468 · CAPEC-52 · CAPEC-53 · CAPEC-64 · CAPEC-7 · CAPEC-78 · CAPEC-79 · CAPEC-83 · CAPEC-84
CVEs mapped to this weakness (37)
page 2 of 2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-14674 | Med | 0.41 | 6.3 | 0.00 | Dec 14, 2025 | A vulnerability was found in aizuda snail-job up to 1.6.0. Affected by this vulnerability is the function QLExpressEngine.doEval of the file snail-job-common/snail-job-common-core/src/main/java/com/aizuda/snailjob/common/core/expression/strategy/QLExpressEngine.java. The… | ||
| CVE-2025-13268 | Med | 0.41 | 6.3 | 0.00 | Nov 17, 2025 | A flaw has been found in Dromara dataCompare up to 1.0.1. The affected element is the function DbConfig of the file src/main/java/com/vince/xq/project/system/dbconfig/service/DbconfigServiceImpl.java of the component JDBC URL Handler. Executing manipulation can lead to… | ||
| CVE-2025-11445 | Med | 0.41 | 6.3 | 0.00 | Oct 8, 2025 | A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now… | ||
| CVE-2025-27712 | Med | 0.37 | 5.7 | 0.00 | Nov 11, 2025 | Improper neutralization for some Intel(R) Neural Compressor software before version v3.4 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation… | ||
| CVE-2026-10222 | Med | 0.36 | 5.6 | 0.00 | Jun 1, 2026 | A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.30. Affected by this issue is the function _sanitize_env_lines of the file hermes_cli/config.py. The manipulation results in injection. It is possible to launch the attack remotely. The attack requires… | ||
| CVE-2026-7045 | Med | 0.34 | 6.3 | 0.00 | Apr 26, 2026 | A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessor#doDetermineDatasource of the file dynamic-datasource-spring/src/main/java/com/baomidou/dynamic/datasource/processor/DsSpelExpressionProces… | ||
| CVE-2026-6994 | Med | 0.34 | 6.3 | 0.00 | Apr 25, 2026 | A weakness has been identified in Envoy up to 1.33.0. Affected is the function params.add of the file source/extensions/filters/http/header_mutation/header_mutation.cc of the component Query Parameter Handler. This manipulation causes injection. Remote exploitation of the attack… | ||
| CVE-2026-4500 | Med | 0.34 | 6.3 | 0.00 | Mar 20, 2026 | A vulnerability was identified in bagofwords1 bagofwords up to 0.0.297. This impacts the function generate_df of the file backend/app/ai/code_execution/code_execution.py. Such manipulation leads to injection. The attack may be launched remotely. The exploit is publicly available… | ||
| CVE-2025-3805 | Med | 0.34 | 5.3 | 0.00 | Apr 19, 2025 | A vulnerability classified as critical was found in sarrionandia tournatrack up to 4c13a23f43da5317eea4614870a7a8510fc540ec. Affected by this vulnerability is an unknown functionality of the file check_id.py of the component Jinja2 Template Handler. The manipulation of the… | ||
| CVE-2025-3804 | Med | 0.34 | 5.3 | 0.00 | Apr 19, 2025 | A vulnerability classified as critical has been found in thautwarm vscode-diana 0.0.1. Affected is an unknown function of the file Gen.py of the component Jinja2 Template Handler. The manipulation leads to injection. Attacking locally is a requirement. The exploit has been… | ||
| CVE-2025-0697 | Med | 0.34 | 5.3 | 0.00 | Jan 24, 2025 | A vulnerability, which was classified as problematic, was found in Telstra Smart Modem Gen 2 up to 20250115. This affects an unknown part of the component HTTP Header Handler. The manipulation of the argument Content-Disposition leads to injection. It is possible to initiate the… | ||
| CVE-2026-10661 | Med | 0.21 | 4.3 | 0.00 | Jun 2, 2026 | A vulnerability has been found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. Impacted is the function Open of the file src/blender_mcp/server.py. The manipulation of the argument input_image_url leads to injection. Remote exploitation of the attack is… | ||
| CVE-2025-9797 | Low | 0.16 | 2.4 | 0.00 | Sep 1, 2025 | A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product Page. This manipulation causes injection. The attack can be initiated remotely.… | ||
| CVE-2022-4638 | — | 0.00 | — | 0.00 | Dec 21, 2022 | A vulnerability classified as problematic was found in collective.contact.widget up to 1.12. This vulnerability affects the function title of the file src/collective/contact/widget/widgets.py. The manipulation leads to cross site scripting. The attack can be initiated remotely.… | ||
| CVE-2022-4396 | — | 0.00 | — | 0.01 | Dec 10, 2022 | A vulnerability was found in RDFlib pyrdfa3 and classified as problematic. This issue affects the function _get_option of the file pyRdfa/__init__.py. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is… | ||
| CVE-2022-3801 | 0.00 | — | 0.30 | Nov 1, 2022 | A vulnerability, which was classified as critical, was found in IBAX go-ibax. This affects an unknown part of the file /api/v2/open/rowsInfo. The manipulation of the argument order leads to sql injection. It is possible to initiate the attack remotely. The exploit has been… | |||
| CVE-2022-3704 | — | 0.00 | — | 0.01 | Oct 26, 2022 | A vulnerability classified as problematic has been found in Ruby on Rails. This affects an unknown part of the file actionpack/lib/action_dispatch/middleware/templates/routes/_table.html.erb. The manipulation leads to cross site scripting. It is possible to initiate the attack… |
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in aizuda snail-job up to 1.6.0. Affected by this vulnerability is the function QLExpressEngine.doEval of the file snail-job-common/snail-job-common-core/src/main/java/com/aizuda/snailjob/common/core/expression/strategy/QLExpressEngine.java. The…
- risk 0.41cvss 6.3epss 0.00
A flaw has been found in Dromara dataCompare up to 1.0.1. The affected element is the function DbConfig of the file src/main/java/com/vince/xq/project/system/dbconfig/service/DbconfigServiceImpl.java of the component JDBC URL Handler. Executing manipulation can lead to…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now…
- risk 0.37cvss 5.7epss 0.00
Improper neutralization for some Intel(R) Neural Compressor software before version v3.4 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation…
- risk 0.36cvss 5.6epss 0.00
A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.30. Affected by this issue is the function _sanitize_env_lines of the file hermes_cli/config.py. The manipulation results in injection. It is possible to launch the attack remotely. The attack requires…
- risk 0.34cvss 6.3epss 0.00
A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessor#doDetermineDatasource of the file dynamic-datasource-spring/src/main/java/com/baomidou/dynamic/datasource/processor/DsSpelExpressionProces…
- risk 0.34cvss 6.3epss 0.00
A weakness has been identified in Envoy up to 1.33.0. Affected is the function params.add of the file source/extensions/filters/http/header_mutation/header_mutation.cc of the component Query Parameter Handler. This manipulation causes injection. Remote exploitation of the attack…
- risk 0.34cvss 6.3epss 0.00
A vulnerability was identified in bagofwords1 bagofwords up to 0.0.297. This impacts the function generate_df of the file backend/app/ai/code_execution/code_execution.py. Such manipulation leads to injection. The attack may be launched remotely. The exploit is publicly available…
- risk 0.34cvss 5.3epss 0.00
A vulnerability classified as critical was found in sarrionandia tournatrack up to 4c13a23f43da5317eea4614870a7a8510fc540ec. Affected by this vulnerability is an unknown functionality of the file check_id.py of the component Jinja2 Template Handler. The manipulation of the…
- risk 0.34cvss 5.3epss 0.00
A vulnerability classified as critical has been found in thautwarm vscode-diana 0.0.1. Affected is an unknown function of the file Gen.py of the component Jinja2 Template Handler. The manipulation leads to injection. Attacking locally is a requirement. The exploit has been…
- risk 0.34cvss 5.3epss 0.00
A vulnerability, which was classified as problematic, was found in Telstra Smart Modem Gen 2 up to 20250115. This affects an unknown part of the component HTTP Header Handler. The manipulation of the argument Content-Disposition leads to injection. It is possible to initiate the…
- risk 0.21cvss 4.3epss 0.00
A vulnerability has been found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. Impacted is the function Open of the file src/blender_mcp/server.py. The manipulation of the argument input_image_url leads to injection. Remote exploitation of the attack is…
- risk 0.16cvss 2.4epss 0.00
A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product Page. This manipulation causes injection. The attack can be initiated remotely.…
- CVE-2022-4638Dec 21, 2022risk 0.00cvss —epss 0.00
A vulnerability classified as problematic was found in collective.contact.widget up to 1.12. This vulnerability affects the function title of the file src/collective/contact/widget/widgets.py. The manipulation leads to cross site scripting. The attack can be initiated remotely.…
- CVE-2022-4396Dec 10, 2022risk 0.00cvss —epss 0.01
A vulnerability was found in RDFlib pyrdfa3 and classified as problematic. This issue affects the function _get_option of the file pyRdfa/__init__.py. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is…
- CVE-2022-3801Nov 1, 2022risk 0.00cvss —epss 0.30
A vulnerability, which was classified as critical, was found in IBAX go-ibax. This affects an unknown part of the file /api/v2/open/rowsInfo. The manipulation of the argument order leads to sql injection. It is possible to initiate the attack remotely. The exploit has been…
- CVE-2022-3704Oct 26, 2022risk 0.00cvss —epss 0.01
A vulnerability classified as problematic has been found in Ruby on Rails. This affects an unknown part of the file actionpack/lib/action_dispatch/middleware/templates/routes/_table.html.erb. The manipulation leads to cross site scripting. It is possible to initiate the attack…