VYPR

CWE-829

Inclusion of Functionality from Untrusted Control Sphere

BaseIncomplete

Description

The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-175 · CAPEC-201 · CAPEC-228 · CAPEC-251 · CAPEC-252 · CAPEC-253 · CAPEC-263 · CAPEC-538 · CAPEC-549 · CAPEC-640 · CAPEC-660 · CAPEC-695 · CAPEC-698

CVEs mapped to this weakness (143)

page 6 of 8
  • CVE-2026-26079MedFeb 11, 2026
    risk 0.31cvss 4.7epss 0.00

    Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets (CSS) injection, e.g., because comments are mishandled.

  • CVE-2026-34442MedMar 31, 2026
    risk 0.28cvss 5.4epss 0.00

    FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.211, host header manipulation in FreeScout version (http://localhost:8080/system/status) allows an attacker to inject an arbitrary domain into generated absolute URLs. This…

  • CVE-2026-6357MedApr 27, 2026
    risk 0.27cvss epss 0.00

    pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update…

  • CVE-2025-15612MedMar 27, 2026
    risk 0.24cvss 4.8epss 0.00

    Wazuh provisioning scripts and Dockerfiles contain an insecure transport vulnerability where curl is invoked with the -k/--insecure flag, disabling SSL/TLS certificate validation. Attackers with network access can perform man-in-the-middle attacks to intercept and modify…

  • CVE-2025-52655LowOct 10, 2025
    risk 0.20cvss 3.1epss 0.00

    Inclusion of Functionality from Untrusted Control Sphere vulnerability in HCL MyXalytics. v6.6 allows Loading third-party scripts without integrity checks or validation can allow external code run in the application's context, risking data exposure.

  • CVE-2025-54558MedJul 25, 2025
    risk 0.20cvss 4.1epss 0.00

    OpenAI Codex CLI before 0.9.0 auto-approves ripgrep (aka rg) execution even with the --pre or --hostname-bin or --search-zip or -z flag.

  • CVE-2026-0770Jan 23, 2026
    risk 0.04cvss epss 0.10

    Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this…

  • CVE-2023-48022Nov 28, 2023
    risk 0.03cvss epss 0.82

    Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network…

  • CVE-2026-50195Jun 19, 2026
    risk 0.00cvss epss

    ## Impact containerd's CRI checkpoint import process contains a vulnerability where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods can use a crafted checkpoint image to force containerd…

  • CVE-2026-44691Jun 18, 2026
    risk 0.00cvss epss 0.00

    In Eclipse Theia versions prior to 1.69.0, custom task definitions in workspace files (e.g. .theia/tasks.json, .vscode/tasks.json) could be executed without requiring workspace trust. An attacker could craft a malicious repository that, when cloned and opened in Theia, leads to…

  • CVE-2026-46580Jun 18, 2026
    risk 0.00cvss epss 0.00

    In Eclipse Theia versions prior to 1.71.0, files matching the pattern .prompts/*.prompttemplate in a workspace were automatically loaded and could override or extend the AI agent's system prompts. An attacker could craft a malicious repository containing prompt template files…

  • CVE-2026-44688Jun 18, 2026
    risk 0.00cvss epss 0.00

    In Eclipse Theia versions prior to 1.71.0, the AI chat agent processed workspace file and directory names as part of its prompt context without distinguishing them from system instructions. An attacker could craft a malicious repository with adversarial directory or file names…

  • CVE-2026-54325Jun 17, 2026
    risk 0.00cvss epss 0.00

    # Pi loads project-local extensions without approval Pi before 0.79.0 loaded project-local configuration and resources from a repository's `.pi` directory without first asking the user to trust that repository. This included project-local extensions, which are executable…

  • CVE-2026-45711May 19, 2026
    risk 0.00cvss epss 0.00

    ### Summary The mailpit dump --http sub-command downloads every message from a remote Mailpit instance and writes each one as .eml inside the user-supplied output directory. The message ID field is taken verbatim from the JSON response of the remote…

  • CVE-2026-32009Mar 19, 2026
    risk 0.00cvss epss 0.00

    OpenClaw versions prior to 2026.2.24 contain a policy bypass vulnerability in the safeBins allowlist evaluation that trusts static default directories including writable package-manager paths like /opt/homebrew/bin and /usr/local/bin. An attacker with write access to these…

  • CVE-2026-26974Feb 20, 2026
    risk 0.00cvss epss 0.01

    Slyde is a program that creates animated presentations from XML. In versions 0.0.4 and below, Node.js automatically imports **/*.plugin.{js,mjs} files including those from node_modules, so any malicious package with a .plugin.js file can execute arbitrary code when installed or…

  • CVE-2025-68924Jan 16, 2026
    risk 0.00cvss epss 0.01

    In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply a malicious WSDL (aka Webservice) URL as a data source for remote code execution.

  • CVE-2025-65964Dec 8, 2025
    risk 0.00cvss epss 0.01

    n8n is an open source workflow automation platform. Versions 0.123.1 through 1.119.1 do not have adequate protections to prevent RCE through the project's pre-commit hooks. The Add Config operation allows workflows to set arbitrary Git configuration values, including…

  • CVE-2025-64496Nov 8, 2025
    risk 0.00cvss epss 0.08

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Versions 0.6.224 and prior contain a code injection vulnerability in the Direct Connections feature that allows malicious external model servers to execute arbitrary JavaScript in…

  • CVE-2025-62726Oct 30, 2025
    risk 0.00cvss epss 0.01

    n8n is an open source workflow automation platform. Prior to 1.113.0, a remote code execution vulnerability exists in the Git Node component available in both Cloud and Self-Hosted versions of n8n. When a malicious actor clones a remote repository containing a pre-commit hook,…