VYPR

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Class · Draft · Likelihood: High

Description

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-136 · CAPEC-15 · CAPEC-183 · CAPEC-248 · CAPEC-40 · CAPEC-43 · CAPEC-75 · CAPEC-76

CVEs mapped to this weakness (1,552)

page 60 of 78
  • CVE-2026-5603 · Med · Apr 5, 2026
    risk 0.28 · cvss 5.3 · epss 0.01

    A vulnerability was identified in elgentos magento2-dev-mcp up to 1.0.2. The affected element is the function executeMagerun2Command of the file src/index.ts. Such manipulation leads to os command injection. An attack has to be approached locally. The exploit is publicly…

  • CVE-2026-5602 · Med · Apr 5, 2026
    risk 0.28 · cvss 5.3 · epss 0.01

    A vulnerability was determined in Nor2-io heim-mcp up to 0.1.3. Impacted is the function registerTools of the file src/tools.ts of the component new_heim_application/deploy_heim_application/deploy_heim_application_to_cloud. This manipulation causes os command injection. The…

  • CVE-2026-1735 · Med · Feb 2, 2026
    risk 0.28 · cvss 4.3 · epss 0.01

    A weakness has been identified in Yealink MeetingBar A30 133.321.0.3. This issue affects some unknown processing of the component Diagnostic Handler. This manipulation causes command injection. It is feasible to perform the attack on the physical device. The exploit has been…

  • CVE-2026-11487 · Med · Jun 8, 2026
    risk 0.27 · cvss 5.3 · epss 0.01

    A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on…

  • CVE-2026-5125 · Med · Mar 30, 2026
    risk 0.27 · cvss 5.3 · epss 0.01

    A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability is the function child_process.execSync of the file src/server.ts. The manipulation of the argument git_diff.base_ref/git_diff.files results in os command injection. The attack is…

  • CVE-2026-4496 · Med · Mar 20, 2026
    risk 0.27 · cvss 5.3 · epss 0.01

    A vulnerability was found in sigmade Git-MCP-Server up to 785aa159f262a02d5791a5d8a8e13c507ac42880. Affected by this vulnerability is the function child_process.exec of the file src/gitUtils.ts of the component show_merge_diff/quick_merge_summary/show_file_diff. The manipulation…

  • CVE-2026-4199 · Med · Mar 16, 2026
    risk 0.27 · cvss 5.3 · epss 0.01

    A vulnerability was identified in bazinga012 mcp_code_executor up to 0.3.0. Affected by this issue is the function installDependencies of the file src/index.ts. Such manipulation leads to command injection. The attack can only be performed from a local environment. The exploit…

  • CVE-2026-4198 · Med · Mar 16, 2026
    risk 0.27 · cvss 5.3 · epss 0.01

    A vulnerability was determined in hypermodel-labs mcp-server-auto-commit 1.0.0. Affected by this vulnerability is the function getGitChanges of the file index.ts. This manipulation causes command injection. The attack can only be executed locally. The exploit has been publicly…

  • CVE-2025-9769 · Med · Sep 1, 2025
    risk 0.27 · cvss 4.1 · epss 0.26

    A security flaw has been discovered in D-Link DI-7400G+ 19.12.25A1. Affected is the function sub_478D28 of the file /mng_platform.asp. The manipulation of the argument addr with the input `echo 12345 > poc.txt` results in command injection. An attack on the physical device is…

  • CVE-2024-45989 · Med · Sep 26, 2024
    risk 0.26 · cvss 4.0 · epss 0.00

    Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. A prompt injection allows an attacker to modify chatbot answer with an unloaded image that exfiltrates the user's sensitive chat data of the current…

  • CVE-2024-54681 · Low · Jan 17, 2025
    risk 0.23 · cvss 3.5 · epss 0.00

    Multiple bash files were present in the application's private directory. Bash files can be used on their own, by an attacker that has already full access to the mobile platform to compromise the translations for the application.

  • CVE-2025-48979 · Low · Aug 29, 2025
    risk 0.22 · cvss 3.4 · epss 0.00

    An Improper Input Validation in UISP Application could allow a Command Injection by a malicious actor with High Privileges and local access.

  • CVE-2026-20671 · Low · Feb 11, 2026
    risk 0.20 · cvss 3.1 · epss 0.00

    A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker in a privileged network position may…

  • CVE-2026-25046 · Low · Jan 29, 2026
    risk 0.19 · cvss 2.9 · epss 0.00

    Kimi Agent SDK is a set of libraries that expose the Kimi Code (Kimi CLI) agent runtime in applications. The vsix-publish.js and ovsx-publish.js scripts pass filenames to execSync() as shell command strings. Prior to version 0.1.6, filenames containing shell metacharacters like…

  • CVE-2025-41721 · Low · Oct 22, 2025
    risk 0.18 · cvss 2.7 · epss 0.00

    A high privileged remote attacker can influence the parameters passed to the openssl command due to improper neutralization of special elements when adding a password protected self-signed certificate.

  • CVE-2025-52687 · Low · Jul 16, 2025
    risk 0.16 · cvss 2.4 · epss 0.00

    Successful exploitation of the vulnerability could allow an attacker with administrator credentials for the access point to inject malicious JavaScript into the payload of web traffic, potentially leading to session hijacking and denial-of-service (DoS).

  • CVE-2024-34713 · Low · May 14, 2024
    risk 0.16 · cvss 3.5 · epss 0.00

    sshproxy is used on a gateway to transparently proxy a user SSH connection on the gateway to an internal host via SSH. Prior to version 1.6.3, any user authorized to connect to a ssh server using `sshproxy` can inject options to the `ssh` command executed by `sshproxy`. All…

  • CVE-2024-27348 · KEV · Apr 22, 2024
    risk 0.16 · cvss · epss 0.99

    RCE (Remote Command Execution) vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11. Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue.

  • CVE-2020-11978 · KEV · Jul 16, 2020
    risk 0.16 · cvss · epss 0.99

    An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running airflow…

  • CVE-2019-5420 · Mar 27, 2019
    risk 0.10 · cvss · epss 0.92

    A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code…