Total
2983 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-63603 | 2 Mcp Server For Data Exploration Project, Reading-plus-ai | 2 Mcp Server For Data Exploration, Mcp-server-data-exploration | 2026-01-02 | 6.5 Medium |
| A command injection vulnerability exists in the MCP Data Science Server's (reading-plus-ai/mcp-server-data-exploration) 0.1.6 in the safe_eval() function (src/mcp_server_ds/server.py:108). The function uses Python's exec() to execute user-supplied scripts but fails to restrict the __builtins__ dictionary in the globals parameter. When __builtins__ is not explicitly defined, Python automatically provides access to all built-in functions including __import__, exec, eval, and open. This allows an attacker to execute arbitrary Python code with full system privileges, leading to complete system compromise. The vulnerability can be exploited by submitting a malicious script to the run_script tool, requiring no authentication or special privileges. | ||||
| CVE-2024-24551 | 1 Bludit | 1 Bludit | 2026-01-02 | 8.8 High |
| A security vulnerability has been identified in Bludit, allowing authenticated attackers to execute arbitrary code through the Image API. This vulnerability arises from improper handling of file uploads, enabling malicious actors to upload and execute PHP files. | ||||
| CVE-2024-24550 | 1 Bludit | 1 Bludit | 2026-01-02 | 8.1 High |
| A security vulnerability has been identified in Bludit, allowing attackers with knowledge of the API token to upload arbitrary files through the File API which leads to arbitrary code execution on the server. This vulnerability arises from improper handling of file uploads, enabling malicious actors to upload and execute PHP files. | ||||
| CVE-2025-59286 | 1 Microsoft | 4 365, 365 Copilot, 365 Copilot Business Chat and 1 more | 2026-01-02 | 9.3 Critical |
| Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-59272 | 1 Microsoft | 4 365, 365 Copilot, 365 Copilot Business Chat and 1 more | 2026-01-02 | 9.3 Critical |
| Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to perform information disclosure locally. | ||||
| CVE-2025-59252 | 1 Microsoft | 3 365, 365 Copilot, 365 Word Copilot | 2026-01-02 | 9.3 Critical |
| Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-62222 | 1 Microsoft | 3 Github Copilot Chat, Visual Studio, Visual Studio Code Copilot Chat Extension | 2026-01-02 | 8.8 High |
| Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-62214 | 1 Microsoft | 2 Visual Studio, Visual Studio 2022 | 2026-01-02 | 6.7 Medium |
| Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally. | ||||
| CVE-2025-67436 | 1 Pluxml | 1 Pluxml | 2026-01-02 | 6.5 Medium |
| Authenticated Remote Code Execution (RCE) in PluXml CMS 5.8.22 allows an attacker with administrator panel access to inject a malicious PHP webshell into a theme file (e.g., home.php). | ||||
| CVE-2025-50526 | 1 Netgear | 2 Ex8000, Ex8000 Firmware | 2026-01-02 | 9.8 Critical |
| Netgear EX8000 V1.0.0.126 was discovered to contain a command injection vulnerability via the switch_status function. | ||||
| CVE-2025-69201 | 2025-12-31 | N/A | ||
| Tugtainer is a self-hosted app for automating updates of docker containers. In versions prior to 1.15.1, arbitary arguments can be injected in tugtainer-agent `POST api/command/run`. Version 1.15.1 fixes the issue. | ||||
| CVE-2025-63604 | 1 Baryhuang | 2 Aws Resources Mcp Server, Mcp-server-aws-resources-python | 2025-12-31 | 6.5 Medium |
| A code injection vulnerability exists in baryhuang/mcp-server-aws-resources-python 0.1.0 that allows remote code execution through insufficient input validation in the execute_query method. The vulnerability stems from the exposure of dangerous Python built-in functions (__import__, getattr, hasattr) in the execution namespace and the direct use of exec() to execute user-supplied code. An attacker can craft malicious queries to execute arbitrary Python code, leading to AWS credential theft (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY), file system access, environment variable disclosure, and potential system compromise. The vulnerability allows attackers to bypass intended security controls and gain unauthorized access to sensitive AWS resources and credentials stored in the server's environment. | ||||
| CVE-2025-14706 | 2 Sgwbox, Shiguangwu | 3 N3, N3 Firmware, Sgwbox N3 | 2025-12-31 | 9.8 Critical |
| A vulnerability was identified in Shiguangwu sgwbox N3 2.0.25. This impacts an unknown function of the file /usr/sbin/http_eshell_server of the component NETREBOOT Interface. Such manipulation leads to command injection. The attack can be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-64052 | 1 Fanvil | 3 X210, X210 Firmware, X210 V2 | 2025-12-31 | 5.1 Medium |
| An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to execute arbitrary system commands. | ||||
| CVE-2025-15192 | 2 D-link, Dlink | 3 Dwr-m920, Dwr-m920, Dwr-m920 Firmware | 2025-12-30 | 6.3 Medium |
| A security vulnerability has been detected in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub_415328 of the file /boafrm/formLtefotaUpgradeQuectel. Such manipulation of the argument fota_url leads to command injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2025-15191 | 2 D-link, Dlink | 3 Dwr-m920, Dwr-m920, Dwr-m920 Firmware | 2025-12-30 | 6.3 Medium |
| A weakness has been identified in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub_4155B4 of the file /boafrm/formLtefotaUpgradeFibocom. This manipulation of the argument fota_url causes command injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2025-15048 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2025-12-30 | 7.3 High |
| A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/CheckTools of the component HTTP Request Handler. Executing manipulation of the argument ipaddress can lead to command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2023-40263 | 1 Unify | 1 Openscape Voice Trace Manager | 2025-12-30 | 8.8 High |
| An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It allows authenticated command injection via ftp. | ||||
| CVE-2025-63674 | 1 Blurams | 3 A31c, A31c Firmware, Lumi Security Camera A31c | 2025-12-30 | 6.1 Medium |
| An issue in Blurams Lumi Security Camera (A31C) v23.1227.472.2926 allows local physical attackers to execute arbitrary code via overriding the bootloader on the SD card. | ||||
| CVE-2022-2068 | 7 Broadcom, Debian, Fedoraproject and 4 more | 49 Sannav, Debian Linux, Fedora and 46 more | 2025-12-30 | 9.8 Critical |
| In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze). | ||||