Total
3598 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-59046 | 2026-04-15 | 9.8 Critical | ||
| The npm package `interactive-git-checkout` is an interactive command-line tool that allows users to checkout a git branch while it prompts for the branch name on the command-line. It is available as an npm package and can be installed via `npm install -g interactive-git-checkout`. Versions up to and including 1.1.4 of the `interactive-git-checkout` tool are vulnerable to a command injection vulnerability because the software passes the branch name to the `git checkout` command using the Node.js child process module's `exec()` function without proper input validation or sanitization. Commit 8dd832dd302af287a61611f4f85e157cd1c6bb41 fixes the issue. | ||||
| CVE-2025-53107 | 2026-04-15 | 7.5 High | ||
| @cyanheads/git-mcp-server is an MCP server designed to interact with Git repositories. Prior to version 2.1.5, there is a command injection vulnerability caused by the unsanitized use of input parameters within a call to child_process.exec, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges. The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possibility of shell metacharacter injection (|, >, &&, etc.). An MCP Client can be instructed to execute additional actions for example via indirect prompt injection when asked to read git logs. This issue has been patched in version 2.1.5. | ||||
| CVE-2025-11045 | 1 Wayos | 5 Lq-04, Lq-05, Lq-06 and 2 more | 2026-04-15 | 7.3 High |
| A vulnerability was identified in WAYOS LQ_04, LQ_05, LQ_06, LQ_07 and LQ_09 22.03.17. This affects an unknown function of the file /usb_paswd.asp. The manipulation of the argument Name leads to command injection. The attack can be initiated remotely. The exploit is publicly available and might be used. | ||||
| CVE-2025-4009 | 2026-04-15 | N/A | ||
| The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among other features. The application has been developed in PHP with the webEASY SDK, also named ‘ewb’ by Evertz. This web interface has two endpoints that are vulnerable to arbitrary command injection (CVE-2025-4009, CVE-2025-10364) and the authentication mechanism has a flaw leading to authentication bypass (CVE-2025-10365). CVE-2025-4009 covers the command injection in feature-transfer-import.php CVE-2025-10364 covers the command injection in feature-transfer-export.php Remote unauthenticated attackers can gain arbitrary command execution with elevated privileges ( root ) on affected devices. This level of access could lead to serious business impact such as the interruption of media streaming, modification of media being streamed, alteration of closed captions being generated, among others. | ||||
| CVE-2024-28041 | 1 Kddi | 1 Hgw Bli500hm Firmware | 2026-04-15 | 8.8 High |
| HGW BL1500HM Ver 002.001.013 and earlier allows a network-adjacent unauthenticated attacker to execute an arbitrary command. | ||||
| CVE-2025-57521 | 1 Bambulab | 1 Bambu Studio | 2026-04-15 | 6.1 Medium |
| Bambu Studio 2.1.1.52 and earlier is affected by a vulnerability that allows arbitrary code execution during application startup. The application loads a network plugin without validating its digital signature or verifying its authenticity. A local attacker can exploit this behavior by placing a malicious component in the expected location, which is controllable by the attacker (e.g., under %APPDATA%), resulting in code execution within the context of the user. The main application is digitally signed, which may allow a malicious component to inherit trust and evade detection by security solutions that rely on signed parent processes. | ||||
| CVE-2024-53919 | 2026-04-15 | 7.6 High | ||
| An injection vulnerability in Barco ClickShare CX-30/20, C-5/10, and ClickShare Bar Pro and Core models, running firmware before 2.21.1, allows physically proximate attackers or local admins to the webUI to trigger OS-level command execution as root. | ||||
| CVE-2025-52377 | 2026-04-15 | 5.4 Medium | ||
| Command injection vulnerability in Nexxt Solutions NCM-X1800 Mesh Router versions UV1.2.7 and below, allowing authenticated attackers to execute arbitrary commands on the device. The vulnerability is present in the web management interface's ping and traceroute functionality, specifically in the /web/um_ping_set.cgi endpoint. The application fails to properly sanitize user input in the `Ping_host_text` parameter before passing it to the underlying system command, allowing attackers to inject and execute arbitrary shell commands as the root user. | ||||
| CVE-2025-44023 | 1 Dlink | 2 Dns-320, Dns-320lw | 2026-04-15 | 6.5 Medium |
| An issue in dlink DNS-320 v.1.00 and DNS-320LW v.1.01.0914.20212 allows an attacker to execute arbitrary via the account_mgr.cgi->cgi_chg_admin_pw components. | ||||
| CVE-2025-58358 | 2026-04-15 | 7.5 High | ||
| Markdownify is a Model Context Protocol server for converting almost anything to Markdown. Versions below 0.0.2 contain a command injection vulnerability, caused by the unsanitized use of input parameters within a call to child_process.exec, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges. The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possibility of shell metacharacter injection (|, >, &&, etc.). This issue is fixed in version 0.0.2. | ||||
| CVE-2024-12442 | 2026-04-15 | 9.8 Critical | ||
| EnerSys AMPA versions 24.04 through 24.16, inclusive, are vulnerable to command injection leading to privileged remote shell access. | ||||
| CVE-2024-51442 | 2026-04-15 | 8.8 High | ||
| Command Injection in Minidlna version v1.3.3 and before allows an attacker to execute arbitrary OS commands via a specially crafted minidlna.conf configuration file. | ||||
| CVE-2025-57633 | 2026-04-15 | 9.8 Critical | ||
| A command injection vulnerability in FTP-Flask-python through 5173b68 allows unauthenticated remote attackers to execute arbitrary OS commands. The /ftp.html endpoint's "Upload File" action constructs a shell command from the ftp_file parameter and executes it using os.system() without sanitization or escaping. | ||||
| CVE-2025-3621 | 2026-04-15 | 9.6 Critical | ||
| Vulnerabilities* in ActADUR local server product, developed and maintained by ProTNS, allows Remote Code Inclusion on host systems. * vulnerabilities: * Improper Neutralization of Special Elements used in a Command ('Command Injection') * Use of Hard-coded Credentials * Improper Authentication * Binding to an Unrestricted IP Address The vulnerability has been rated as critical.This issue affects ActADUR: from v2.0.1.9 before v2.0.2.0., hence updating to version v2.0.2.0. or above is required. | ||||
| CVE-2024-48747 | 1 Alist Project | 1 Alist | 2026-04-15 | 6.8 Medium |
| An issue in alist-tvbox v1.7.1 allows a remote attacker to execute arbitrary code via the /atv-cli file. | ||||
| CVE-2025-63258 | 1 H3c | 3 Erg3, Erg5, Xiaobei | 2026-04-15 | 6.5 Medium |
| A remote command execution (RCE) vulnerability was discovered in all H3C ERG3/ERG5 series routers and XiaoBei series routers, cloud gateways, and wireless access points (versions R0162P07, UAP700-WPT330-E2265, UAP672-WPT330-R2262, UAP662E-WPT330-R2262P03, WAP611-WPT330-R1348-OASIS, WAP662-WPT330-R2262, WAP662H-WPT330-R2262, USG300V2-WPT330-R2129, MSG300-WPT330-R1350, and MSG326-WPT330-R2129). Attackers are able to exploit this vulnerability via injecting crafted commands into the sessionid parameter. | ||||
| CVE-2024-30213 | 1 Stonefly | 1 Storage Concentrator | 2026-04-15 | 8.8 High |
| StoneFly Storage Concentrator (SC and SCVM) before 8.0.4.26 allows remote authenticated users to achieve Command Injection via a Ping URL, leading to remote code execution. | ||||
| CVE-2025-12155 | 1 Google | 1 Cloud Looker | 2026-04-15 | N/A |
| A Command Injection vulnerability, resulting from improper file path sanitization (Directory Traversal) in Looker allows an attacker with Developer permission to execute arbitrary shell commands when a user is deleted on the host system. Looker-hosted and Self-hosted were found to be vulnerable. This issue has already been mitigated for Looker-hosted instances. No user action is required for these. Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted. The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ : * 24.12.100+ * 24.18.192+ * 25.0.69+ * 25.6.57+ * 25.8.39+ * 25.10.22+ | ||||
| CVE-2024-32884 | 1 Byron | 1 Gitoxide | 2026-04-15 | 6.4 Medium |
| gitoxide is a pure Rust implementation of Git. `gix-transport` does not check the username part of a URL for text that the external `ssh` program would interpret as an option. A specially crafted clone URL can smuggle options to SSH. The possibilities are syntactically limited, but if a malicious clone URL is used by an application whose current working directory contains a malicious file, arbitrary code execution occurs. This is related to the patched vulnerability GHSA-rrjw-j4m2-mf34, but appears less severe due to a greater attack complexity. This issue has been patched in versions 0.35.0, 0.42.0 and 0.62.0. | ||||
| CVE-2024-55414 | 2026-04-15 | 9.8 Critical | ||
| A vulnerability exits in driver SmSerl64.sys in Motorola SM56 Modem WDM Driver v6.12.23.0, which allows low-privileged users to mapping physical memory via specially crafted IOCTL requests . This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code. | ||||