CWE-94
Improper Control of Generation of Code ('Code Injection')
Description
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-242 · CAPEC-35 · CAPEC-77
CVEs mapped to this weakness (4,701)
page 19 of 236| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-0901 | Hig | 0.61 | 8.8 | 0.42 | Jul 29, 2009 | The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does… | ||
| CVE-2026-45261 | Cri | 0.60 | — | 0.01 | May 28, 2026 | GitButler is a modern Git-based version control interface for AI-powered workflows. Prior to 0.19.7, a emote code execution vulnerability exists in the Tauri-based GitButler desktop application. An attacker can inject a malicious link in a pull request body, which if clicked by… | ||
| CVE-2026-9264 | Cri | 0.60 | 9.3 | 0.00 | May 22, 2026 | A cross-site scripting (XSS) vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through maliciously crafted SKP files. The vulnerability stems from improper input sanitization in the component options window,… | ||
| CVE-2020-36875 | Cri | 0.60 | — | 0.01 | Jan 9, 2026 | AccessAlly WordPress plugin versions prior to 3.3.2 contain an unauthenticated arbitrary PHP code execution vulnerability in the Login Widget. The plugin processes the login_error parameter as PHP code, allowing an attacker to supply and execute arbitrary PHP in the context of… | ||
| CVE-2025-34433 | Cri | 0.60 | — | 0.01 | Dec 19, 2025 | AVideo versions 14.3.1 prior to 20.1 contain an unauthenticated remote code execution vulnerability caused by predictable generation of an installation salt using PHP uniqid(). The installation timestamp is exposed via a public endpoint, and a derived hash identifier is… | ||
| CVE-2025-13658 | — | Cri | 0.60 | — | 0.01 | Dec 2, 2025 | A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute arbitrary code via an exposed endpoint, due to the absence of code signing and execution controls. Exploitation results in SYSTEM-level privileges. | |
| CVE-2020-36870 | Cri | 0.60 | — | 0.01 | Nov 7, 2025 | Various Ruijie Gateway EG and NBR models firmware versions 11.1(6)B9P1 < 11.9(4)B12P1 contain a code execution vulnerability in the EWEB management system that can be abused via front-end functionality. Attackers can exploit front-end code when features such as guest… | ||
| CVE-2025-61774 | Cri | 0.60 | — | 0.01 | Oct 6, 2025 | PyVista provides 3D plotting and mesh analysis through an interface for the Visualization Toolkit (VTK). Version 0.46.3 of the PyVista Project is vulnerable to remote code execution via dependency confusion. Two pieces of code use`--extra-index-url`. But when `--extra-index-url`… | ||
| CVE-2025-34124 | Hig | 0.60 | — | 0.00 | Jul 16, 2025 | A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9, and Demo 1.0.0.0 via malicious .h3m map files that exploit object sprite name parsing logic. The vulnerability occurs during in-game map loading when a crafted object… | ||
| CVE-2025-30085 | Cri | 0.60 | — | 0.00 | Jun 11, 2025 | Remote code execution vulnerability in RSForm!pro component 3.0.0 - 3.3.14 for Joomla was discovered. The issue occurs within the submission export feature and requires administrative access to the export feature. | ||
| CVE-2025-3579 | Cri | 0.60 | — | 0.01 | Apr 15, 2025 | In versions prior to Aidex 1.7, an authenticated malicious user, taking advantage of an open registry, could execute unauthorised commands within the system. This includes executing operating system (Unix) commands, interacting with internal services such as PHP or MySQL, and… | ||
| CVE-2024-45480 | Cri | 0.60 | — | 0.00 | Mar 25, 2025 | An improper control of generation of code ('Code Injection') vulnerability in the AprolCreateReport component of B&R APROL <4.4-00P5 may allow an unauthenticated network-based attacker to read files from the local system. | ||
| CVE-2024-39844 | Cri | 0.60 | 9.8 | 0.04 | Jul 3, 2024 | In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK. | ||
| CVE-2022-42699 | Cri | 0.60 | 9.1 | 0.01 | Dec 6, 2022 | Auth. Remote Code Execution vulnerability in Easy WP SMTP plugin <= 1.5.1 on WordPress. | ||
| CVE-2013-0810 | Hig | 0.60 | 8.1 | 0.60 | Sep 11, 2013 | Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, and Windows Server 2008 SP2 allow remote attackers to execute arbitrary code via a crafted screensaver in a theme file, aka "Windows Theme File Remote Code Execution Vulnerability." | ||
| CVE-2010-0248 | Hig | 0.60 | 8.1 | 0.53 | Jan 22, 2010 | Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object… | ||
| CVE-2026-39465 | Cri | 0.59 | 9.1 | 0.01 | Jun 15, 2026 | Editor Remote Code Execution (RCE) in Responsive Slider by MetaSlider <= 3.106.0 versions. | ||
| CVE-2026-11393 | Cri | 0.59 | 9.0 | 0.00 | Jun 8, 2026 | Improper neutralization of triple-quote characters during Python code generation in AgentCore CLI before v0.14.2 might allow an authenticated remote threat actor to execute arbitrary code on AWS AgentCore Runtime under the imported agent's IAM execution role and on the local… | ||
| CVE-2026-9311 | Cri | 0.59 | 9.0 | 0.00 | Jun 1, 2026 | IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls. | ||
| CVE-2026-32999 | Cri | 0.59 | 9.0 | 0.00 | May 28, 2026 | Insufficient character filtering in backup agent signing module on Comet Backup server allows authenticated tenant administrator to execute an arbitrary code on behalf of a privileged user on the affected server and connected devices. |
- risk 0.61cvss 8.8epss 0.42
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does…
- risk 0.60cvss —epss 0.01
GitButler is a modern Git-based version control interface for AI-powered workflows. Prior to 0.19.7, a emote code execution vulnerability exists in the Tauri-based GitButler desktop application. An attacker can inject a malicious link in a pull request body, which if clicked by…
- risk 0.60cvss 9.3epss 0.00
A cross-site scripting (XSS) vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through maliciously crafted SKP files. The vulnerability stems from improper input sanitization in the component options window,…
- risk 0.60cvss —epss 0.01
AccessAlly WordPress plugin versions prior to 3.3.2 contain an unauthenticated arbitrary PHP code execution vulnerability in the Login Widget. The plugin processes the login_error parameter as PHP code, allowing an attacker to supply and execute arbitrary PHP in the context of…
- risk 0.60cvss —epss 0.01
AVideo versions 14.3.1 prior to 20.1 contain an unauthenticated remote code execution vulnerability caused by predictable generation of an installation salt using PHP uniqid(). The installation timestamp is exposed via a public endpoint, and a derived hash identifier is…
- risk 0.60cvss —epss 0.01
A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute arbitrary code via an exposed endpoint, due to the absence of code signing and execution controls. Exploitation results in SYSTEM-level privileges.
- risk 0.60cvss —epss 0.01
Various Ruijie Gateway EG and NBR models firmware versions 11.1(6)B9P1 < 11.9(4)B12P1 contain a code execution vulnerability in the EWEB management system that can be abused via front-end functionality. Attackers can exploit front-end code when features such as guest…
- risk 0.60cvss —epss 0.01
PyVista provides 3D plotting and mesh analysis through an interface for the Visualization Toolkit (VTK). Version 0.46.3 of the PyVista Project is vulnerable to remote code execution via dependency confusion. Two pieces of code use`--extra-index-url`. But when `--extra-index-url`…
- risk 0.60cvss —epss 0.00
A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9, and Demo 1.0.0.0 via malicious .h3m map files that exploit object sprite name parsing logic. The vulnerability occurs during in-game map loading when a crafted object…
- risk 0.60cvss —epss 0.00
Remote code execution vulnerability in RSForm!pro component 3.0.0 - 3.3.14 for Joomla was discovered. The issue occurs within the submission export feature and requires administrative access to the export feature.
- risk 0.60cvss —epss 0.01
In versions prior to Aidex 1.7, an authenticated malicious user, taking advantage of an open registry, could execute unauthorised commands within the system. This includes executing operating system (Unix) commands, interacting with internal services such as PHP or MySQL, and…
- risk 0.60cvss —epss 0.00
An improper control of generation of code ('Code Injection') vulnerability in the AprolCreateReport component of B&R APROL <4.4-00P5 may allow an unauthenticated network-based attacker to read files from the local system.
- risk 0.60cvss 9.8epss 0.04
In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK.
- risk 0.60cvss 9.1epss 0.01
Auth. Remote Code Execution vulnerability in Easy WP SMTP plugin <= 1.5.1 on WordPress.
- risk 0.60cvss 8.1epss 0.60
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, and Windows Server 2008 SP2 allow remote attackers to execute arbitrary code via a crafted screensaver in a theme file, aka "Windows Theme File Remote Code Execution Vulnerability."
- risk 0.60cvss 8.1epss 0.53
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object…
- risk 0.59cvss 9.1epss 0.01
Editor Remote Code Execution (RCE) in Responsive Slider by MetaSlider <= 3.106.0 versions.
- risk 0.59cvss 9.0epss 0.00
Improper neutralization of triple-quote characters during Python code generation in AgentCore CLI before v0.14.2 might allow an authenticated remote threat actor to execute arbitrary code on AWS AgentCore Runtime under the imported agent's IAM execution role and on the local…
- risk 0.59cvss 9.0epss 0.00
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls.
- risk 0.59cvss 9.0epss 0.00
Insufficient character filtering in backup agent signing module on Comet Backup server allows authenticated tenant administrator to execute an arbitrary code on behalf of a privileged user on the affected server and connected devices.