Code Injection

SambaBox versions 5.1 to before 5.3 are vulnerable to OS command injection via improper control of code generation (CVE-2026-3120), potentially allowing attackers with high privileges to execute arbitrary commands on the underlying system.

A remote code injection vulnerability exists in AV Stumpfl Pixera Two Media Server versions up to 25.2 R2 due to improper handling within the Websocket API, potentially allowing unauthenticated attackers to execute arbitrary code.

IBM Langflow Desktop versions 1.0.0 through 1.8.4 are vulnerable to remote command execution, allowing an attacker to execute arbitrary commands with the privileges of the Langflow process, potentially leading to sensitive data exposure and lateral movement.

Cockpit CMS is vulnerable to authenticated remote code execution via PHP code injection in the /cockpit/collections/save_collection endpoint, enabling attackers with collection management privileges to execute arbitrary commands on the server.

AgentFlow is vulnerable to arbitrary code execution (CVE-2026-7466) by manipulating the `pipeline_path` parameter in POST requests to `/api/runs` and `/api/runs/validate`, allowing attackers to execute arbitrary Python code.

The CI4MS Backup restore function is vulnerable to Zip Slip, allowing remote code execution by uploading a malicious ZIP archive that writes PHP files to the public web root due to missing validation of entry names during extraction, affecting versions prior to 0.31.5.0.

A code injection vulnerability exists in modelscope agentscope up to version 1.0.18, specifically affecting the execute_python_code/execute_shell_command functions, allowing for remote code execution.

A prototype pollution vulnerability (CVE-2026-6594) in brikcss merge up to version 1.3.0 allows remote attackers to modify object prototype attributes by manipulating the __proto__/constructor.prototype/prototype argument.

A code injection vulnerability, CVE-2026-5970, exists in FoundationAgents MetaGPT up to version 0.8.1, allowing remote attackers to execute arbitrary code via manipulation of the `check_solution` function in the HumanEvalBenchmark/MBPPBenchmark component.

A code injection vulnerability exists in FoundationAgents MetaGPT <= 0.8.1 within the ActionNode.xml_fill function, allowing remote attackers to inject code due to improper neutralization of directives in dynamically evaluated code.

An authenticated remote attacker with high privileges can exploit the OpenVPN configuration via the web-based management interface of a WAGO PLC to achieve arbitrary command execution on the device.

A code injection vulnerability exists in PowerJob versions 5.1.0, 5.1.1, and 5.1.2, allowing remote attackers to execute arbitrary code via the GroovyEvaluator.evaluate function in the OpenAPI Endpoint component by manipulating the nodeParams argument.

A remote code injection vulnerability exists in assafelovic gpt-researcher versions up to 3.4.3 due to improper handling of the 'args' argument in the extract_command_data function, potentially allowing attackers to execute arbitrary code.

A code injection vulnerability (CVE-2026-5584) exists in Fosowl agenticSeek 0.1.0, allowing remote attackers to execute arbitrary code by manipulating the query endpoint through the PyInterpreter.execute function.

A code injection vulnerability exists in provectus kafka-ui up to version 0.7.2, specifically affecting the validateAccess function within the /api/smartfilters/testexecutions endpoint, allowing remote attackers to inject code.

DedeCMS 5.7.118 is vulnerable to remote code execution via crafted setup tag values during a module upload, as exploited by an unauthenticated attacker (CVE-2026-30643).

A local attacker can exploit CVE-2026-35093 in libinput by placing a specially crafted Lua bytecode file in configuration directories, allowing arbitrary code execution with the privileges of the application using libinput.

XenForo before 2.3.9 and 2.2.18 allows remote code execution by authenticated, malicious admin users with admin panel access.

XenForo before 2.3.7 is vulnerable to code injection due to a loose prefix match for methods accessible within templates, potentially allowing unauthorized method invocations.

letta-ai letta version 0.16.4 contains a remote code injection vulnerability (CVE-2026-4965) in the resolve_type function of ast_parsers.py, stemming from improper neutralization of directives in dynamically evaluated code, allowing unauthenticated remote attackers to execute arbitrary code.

Multiple critical vulnerabilities in n8n, including prototype pollution, code injection, and SQL injection, allow authenticated users to achieve remote code execution, read sensitive files, and perform unauthorized database operations.

Multiple critical vulnerabilities in n8n versions prior to 2.10.1, 2.9.3, and 1.123.22 enable authenticated users to execute arbitrary code and system commands, potentially leading to full system compromise.

Contour's Cookie Rewriting feature is vulnerable to Lua code injection; an attacker with RBAC permissions to create or modify HTTPProxy resources can craft a malicious value in the `spec.routes[].cookieRewritePolicies[].pathRewrite.value` or `spec.routes[].services[].cookieRewritePolicies[].pathRewrite.value` fields, resulting in arbitrary code execution in the Envoy proxy.

pyp2spec before 0.14.1 is vulnerable to code injection by writing PyPI package metadata into generated spec files without escaping RPM macro directives, allowing malicious packages to execute arbitrary commands on the build machine.

Unauthenticated attackers can exploit a PHP code injection vulnerability in OpenCATS versions prior to commit 3002a29 by injecting malicious PHP code into the installer's AJAX endpoint, leading to arbitrary code execution.

A critical RCE vulnerability in OpenLearnX allows for sandbox escape and arbitrary command execution in versions prior to 2.0.3.