VYPR

CWE-829

Inclusion of Functionality from Untrusted Control Sphere

Base · Incomplete

Description

The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-175 · CAPEC-201 · CAPEC-228 · CAPEC-251 · CAPEC-252 · CAPEC-253 · CAPEC-263 · CAPEC-538 · CAPEC-549 · CAPEC-640 · CAPEC-660 · CAPEC-695 · CAPEC-698

CVEs mapped to this weakness (143)

page 5 of 8
  • CVE-2026-41295 · High · Apr 21, 2026
    risk 0.44 · cvss 7.8 · epss 0.00

    OpenClaw before 2026.4.2 contains an improper trust boundary vulnerability allowing untrusted workspace channel shadows to execute during built-in channel setup and login. Attackers can clone a workspace with a malicious plugin claiming a bundled channel id to achieve unintended…

  • CVE-2026-40156 · High · Apr 10, 2026
    risk 0.44 · cvss 7.8 · epss 0.00

    PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI automatically loads a file named tools.py from the current working directory to discover and register custom agent tools. This loading process uses importlib.util.spec_from_file_location and immediately…

  • CVE-2025-49809 · High · Jul 4, 2025
    risk 0.44 · cvss 7.8 · epss 0.00

    mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries.

  • CVE-2026-42510 · Medium · Apr 28, 2026
    risk 0.43 · cvss 6.6 · epss 0.01

    OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface.

  • CVE-2018-8351 · Medium · Aug 15, 2018
    risk 0.43 · cvss 6.5 · epss 0.08

    An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction, aka "Microsoft Browser Information Disclosure Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10.

  • CVE-2026-45184 · Medium · May 9, 2026
    risk 0.42 · cvss 6.5 · epss 0.00

    Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used.

  • CVE-2024-56216 · Medium · Dec 31, 2024
    risk 0.42 · cvss 6.5 · epss 0.00

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themifyme Themify Builder themify-builder allows PHP Local File Inclusion. This issue affects Themify Builder: from n/a through <= 7.6.3.

  • CVE-2018-11040 · High · Jun 25, 2018
    risk 0.42 · cvss 7.5 · epss 0.03

    Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controllers and…

  • CVE-2026-44995 · High · May 11, 2026
    risk 0.40 · cvss 7.3 · epss 0.00

    OpenClaw before 2026.4.20 contains an improper environment variable validation vulnerability in MCP stdio server configuration that allows attackers to execute arbitrary code. Malicious workspace configurations can pass dangerous startup variables like NODE_OPTIONS, LD_PRELOAD,…

  • CVE-2026-41355 · High · Apr 23, 2026
    risk 0.40 · cvss 7.3 · epss 0.00

    OpenClaw before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror mode access can execute arbitrary code on the host during gateway startup by exploiting enabled workspace…

  • CVE-2025-39666 · High · Apr 7, 2026
    risk 0.40 · cvss 7.3 · epss 0.00

    Local privilege escalation in Checkmk 2.2.0 (EOL), Checkmk 2.3.0 before 2.3.0p46, Checkmk 2.4.0 before 2.4.0p25, and Checkmk 2.5.0 (beta) before 2.5.0b3 allows a site user to escalate their privileges to root, by manipulating files in the site context that are processed when the…

  • CVE-2026-47398 · High · May 29, 2026
    risk 0.38 · cvss · epss 0.00

    Arbitrary code execution via ungated spec.loader.exec_module in agents_generator.py (v4.6.32 chokepoint refactor bypass) Summary The v4.6.32 chokepoint refactor (which patched CVE-2026-44334 /…

  • CVE-2026-41253 · Medium · Apr 18, 2026
    risk 0.38 · cvss 6.9 · epss 0.00

    In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka…

  • CVE-2025-69257 · Medium · Dec 30, 2025
    risk 0.37 · cvss 6.7 · epss 0.00

    theshit is a command-line utility that automatically detects and fixes common mistakes in shell commands. Prior to version 0.1.1, the application loads custom Python rules and configuration files from user-writable locations (e.g., `~/.config/theshit/`) without validating…

  • CVE-2024-4359 · Medium · Aug 12, 2024
    risk 0.35 · cvss 6.5 · epss 0.01

    The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 5.7.2 via the SVG widget and a lack of sufficient file validation in the…

  • CVE-2025-24796 · Medium · Mar 6, 2025
    risk 0.34 · cvss · epss 0.00

    Collabora Online is a collaborative online office suite based on LibreOffice. Macro support is disabled by default in Collabora Online, but can be enabled by an administrator. Collabora Online typically hosts each document instance within a jail and is allowed to download…

  • CVE-2026-22217 · Medium · Mar 18, 2026
    risk 0.33 · cvss 6.1 · epss 0.00

    OpenClaw version 2026.2.22 prior to 2026.2.23 contains an arbitrary code execution vulnerability in shell-env that allows attackers to execute attacker-controlled binaries by exploiting trusted-prefix fallback logic for the $SHELL variable. An attacker can influence the $SHELL…

  • CVE-2025-55305 · Medium · Sep 4, 2025
    risk 0.33 · cvss 6.1 · epss 0.00

    Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions below 35.7.5, 36.0.0-alpha.1 through 36.8.0, 37.0.0-alpha.1 through 37.3.1 and 38.0.0-alpha.1 through 38.0.0-beta.6, ASAR Integrity Bypass via resource…

  • CVE-2024-35650 · Medium · Jun 10, 2024
    risk 0.32 · cvss 4.9 · epss 0.01

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Melapress MelaPress Login Security melapress-login-security. This issue affects MelaPress Login Security: from n/a through <= 1.3.0.

  • CVE-2026-44312 · Medium · May 14, 2026
    risk 0.31 · cvss 5.8 · epss 0.00

    css_parser is a Ruby CSS parser. Prior to 2.1.0 and 1.22.0, the CSS Parser gem does not validate HTTPS connections, allowing a Man-in-the-Middle (MITM) attacker to inject or modify CSS content when stylesheets are loaded via HTTPS. The connection is established with…