Search Vulnerabilities

Pagekit CMS StringStorage Template PhpEngine.php evaluate eval injection

OWASP BLT has RCE in Github Actions via untrusted Django model execution in workflow

Stored XSS via Eval Injection in EchartsRander Component

Chamilo LMS Affected by Remote Code Execution via eval() in Platform Settings

FoundationAgents MetaGPT XML action_node.py ActionNode.xml_fill eval injection

Eval Injection in Rapid7 Insight Agent

Dolibarr ERP/CRM < 23.0.2 Authenticated RCE via dol_eval_standard()

Agno < 2.3.24 field_type Eval Injection Arbitrary Code Execution

Tautulli: RCE via eval() sandbox bypass using lambda nested scope to escape co_names whitelist check

GRID::Machine versions through 0.127 for Perl allows arbitrary code execution via unsafe deserialization

letta-ai letta Incomplete Fix CVE-2025-6101 ast_parsers.py resolve_type eval injection

Woocommerce Custom Product Addons Pro <= 5.4.1 - Unauthenticated Remote Code Execution via Custom Pricing Formula

Langflow has Unauthenticated Remote Code Execution via Public Flow Build Endpoint

Affected devices do not properly sanitize contents of trace files

Locutus: Remote Code Execution (RCE) in locutus call_user_func_array due to Code Injection

Chamilo: Evaluation of untrusted user input leads to Remote Code Execution

In the query parser in OpenStack Vitrage before 12

n8n has Unauthenticated Expression Evaluation via Form Node

Budibase Vulnerable to Remote Code Execution via Unsafe eval() in View Filter Map Function (Budibase Cloud)

LAN Code Execution on TP-Link Archer MR200, Archer C20, TL-WR850N and TL-WR845N