VYPR

CWE-913

Improper Control of Dynamically-Managed Code Resources

ClassIncomplete

Description

The product does not properly restrict reading from or writing to dynamically-managed code resources such as variables, objects, classes, attributes, functions, or executable instructions or statements.

Many languages offer powerful features that allow the programmer to dynamically create or modify existing code, or resources used by code such as variables and objects. While these features can offer significant flexibility and reduce development time, they can be extremely dangerous if attackers can directly influence these code resources in unexpected ways.

Hierarchy (View 1000)

CVEs mapped to this weakness (63)

page 2 of 4
  • CVE-2026-5248MedApr 1, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability has been found in gougucms 4.08.18. This affects the function reg_submit of the file gougucms-master\app\home\controller\Login.php of the component User Registration Handler. Such manipulation of the argument level leads to dynamically-determined object…

  • CVE-2025-14695MedDec 15, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was determined in SamuNatsu HaloBot up to 026b01d4a896d93eaaf9d5163a287dc9f267515b. Affected is the function html_renderer of the file plugins/html_renderer/index.js of the component Inter-plugin API. Executing manipulation of the argument action can lead to…

  • CVE-2025-14085MedDec 5, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability has been found in youlaitech youlai-mall 1.0.0/2.0.0. This impacts an unknown function of the file /app-api/v1/orders/. The manipulation of the argument orderId leads to improper control of dynamically-identified variables. Remote exploitation of the attack is…

  • CVE-2025-14051MedDec 4, 2025
    risk 0.41cvss 6.3epss 0.00

    A flaw has been found in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the function getById/updateAddress/deleteAddress of the file /mall-ums/app-api/v1/addresses/. Executing manipulation can lead to improper control of dynamically-identified variables. The attack can be…

  • CVE-2025-26405MedNov 11, 2025
    risk 0.38cvss 5.9epss 0.00

    Improper control of dynamically-managed code resources for some Intel(R) NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service.…

  • CVE-2026-1770MedFeb 2, 2026
    risk 0.29cvss epss 0.00

    Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain…

  • CVE-2025-6107LowJun 16, 2025
    risk 0.20cvss 3.1epss 0.00

    A vulnerability was found in comfyanonymous comfyui 0.3.40. It has been classified as problematic. Affected is the function set_attr of the file /comfy/utils.py. The manipulation leads to dynamically-determined object attributes. It is possible to launch the attack remotely. The…

  • CVE-2025-68613KEVDec 19, 2025
    risk 0.16cvss epss 0.98

    n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions…

  • CVE-2022-40635Sep 13, 2022
    risk 0.01cvss epss 0.01

    Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.

  • CVE-2022-40634Sep 13, 2022
    risk 0.01cvss epss 0.01

    Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI.

  • CVE-2025-71323Jun 17, 2026
    risk 0.00cvss epss 0.01

    picklescan before 0.0.33 fails to block the ctypes module, allowing attackers to achieve remote code execution by invoking direct syscalls and accessing raw memory. Attackers can craft malicious pickle files using ctypes.WinDLL to load kernel32.dll and execute arbitrary…

  • CVE-2026-33286Mar 23, 2026
    risk 0.00cvss epss 0.01

    Graphiti is a framework that sits on top of models and exposes them via a JSON:API-compliant interface. Versions prior to 1.10.2 have an arbitrary method execution vulnerability that affects Graphiti's JSONAPI write functionality. An attacker can craft a malicious JSONAPI…

  • CVE-2025-69219Mar 9, 2026
    risk 0.00cvss epss 0.01

    A user with access to the DB could craft a database entry that would result in executing code on Triggerer - which gives anyone who have access to DB the same permissions as Dag Author. Since direct DB access is not usual and recommended for Airflow, the likelihood of it making…

  • CVE-2026-25049Feb 4, 2026
    risk 0.00cvss epss 0.01

    n8n is an open source workflow automation platform. Prior to versions 1.123.17 and 2.5.2, an authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running…

  • CVE-2026-23830Jan 27, 2026
    risk 0.00cvss epss 0.01

    SandboxJS is a JavaScript sandboxing library. Versions prior to 0.8.26 have a sandbox escape vulnerability due to `AsyncFunction` not being isolated in `SandboxFunction`. The library attempts to sandbox code execution by replacing the global `Function` constructor with a safe,…

  • CVE-2026-22709Jan 26, 2026
    risk 0.00cvss epss 0.01

    vm2 is an open source vm/sandbox for Node.js. In vm2 prior to version 3.10.2, `Promise.prototype.then` `Promise.prototype.catch` callback sanitization can be bypassed. This allows attackers to escape the sandbox and run arbitrary code. In lib/setup-sandbox.js, the callback…

  • CVE-2025-66398Jan 1, 2026
    risk 0.00cvss epss 0.18

    Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.19.0, an unauthenticated attacker can pollute the internal state (`restoreFilePath`) of the server via the `/skServer/validateBackup` endpoint. This allows the attacker to hijack the…

  • CVE-2025-61780Oct 10, 2025
    risk 0.00cvss epss 0.00

    Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, a possible information disclosure vulnerability existed in `Rack::Sendfile` when running behind a proxy that supports `x-sendfile` headers (such as Nginx). Specially crafted headers could…

  • CVE-2025-9905Sep 19, 2025
    risk 0.00cvss epss 0.00

    The Keras Model.load_model method can be exploited to achieve arbitrary code execution, even with safe_mode=True. One can create a specially crafted .h5/.hdf5 model archive that, when loaded via Model.load_model, will trigger arbitrary code to be executed. This is achieved…

  • CVE-2025-6384Jun 19, 2025
    risk 0.00cvss epss 0.01

    Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain…