Search Vulnerabilities

Command injection through unsanitized YAML parameter in Rancher

Jun 19, 2026

CVE-2026-53875

picklescan - Scanning Bypass via Dynamic Eval in scan_pytorch

CVE-2026-47103

Python StateMachine 3.0.0 < 3.2.0 RCE via SCXML eval() Injection

CVE-2026-52858

Vim: Arbitrary Code Execution via Python Omni-Completion

CVE-2026-47167

Vim: Vimscript Code Injection in cucumber filetype plugin via crafted step-definition regex

CVE-2026-11422

Markdown Preview Enhanced 0.8.x Code Injection via WaveDrom Rendering

CVE-2026-50733

Markdown Preview Enhanced Arbitrary Code Execution via WaveDrom eval()

CVE-2026-8914

Command injection in Profile change function

CVE-2026-48962

IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob

May 27, 2026

CVE-2026-46586

Apache OFBiz: Improper Validation in traverseContent Service Enables Authenticated Groovy Code Execution

May 19, 2026

CVE-2026-42603

OWASP BLT: pre-commit-fix.yaml executes untrusted fork code via pull_request_target

CVE-2026-44643

Angular Expressions - Remote Code Execution using filters

CVE-2026-44128

Unauthenticated Remote Code Execution

May 8, 2026

CVE-2026-42079

PPTAgent: Arbitrary Code Execution via Python eval() of LLM-Generated Code with Builtins in Scope

May 4, 2026

CVE-2026-6652

Pagekit CMS StringStorage Template PhpEngine.php evaluate eval injection

Apr 20, 2026

CVE-2026-40316

OWASP BLT has RCE in Github Actions via untrusted Django model execution in workflow

Apr 15, 2026

CVE-2026-39423

Stored XSS via Eval Injection in EchartsRander Component

Apr 14, 2026

CVE-2026-33618

Chamilo LMS Affected by Remote Code Execution via eval() in Platform Settings

Apr 10, 2026

CVE-2026-5971

FoundationAgents MetaGPT XML action_node.py ActionNode.xml_fill eval injection

Apr 9, 2026

CVE-2026-4837

Eval Injection in Rapid7 Insight Agent

Apr 8, 2026

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-44939

Command injection through unsanitized YAML parameter in Rancher

Jun 19, 2026

CVE-2026-53875

picklescan - Scanning Bypass via Dynamic Eval in scan_pytorch

CVE-2026-47103

Python StateMachine 3.0.0 < 3.2.0 RCE via SCXML eval() Injection

CVE-2026-52858

Vim: Arbitrary Code Execution via Python Omni-Completion

CVE-2026-47167

Vim: Vimscript Code Injection in cucumber filetype plugin via crafted step-definition regex

CVE-2026-11422

Markdown Preview Enhanced 0.8.x Code Injection via WaveDrom Rendering

CVE-2026-50733

Markdown Preview Enhanced Arbitrary Code Execution via WaveDrom eval()

CVE-2026-8914

Command injection in Profile change function

CVE-2026-48962

IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob

May 27, 2026

CVE-2026-46586

Apache OFBiz: Improper Validation in traverseContent Service Enables Authenticated Groovy Code Execution

May 19, 2026

CVE-2026-42603

OWASP BLT: pre-commit-fix.yaml executes untrusted fork code via pull_request_target

CVE-2026-44643

Angular Expressions - Remote Code Execution using filters

CVE-2026-44128

Unauthenticated Remote Code Execution

May 8, 2026

CVE-2026-42079

PPTAgent: Arbitrary Code Execution via Python eval() of LLM-Generated Code with Builtins in Scope

May 4, 2026

CVE-2026-6652

Pagekit CMS StringStorage Template PhpEngine.php evaluate eval injection

Apr 20, 2026

CVE-2026-40316

OWASP BLT has RCE in Github Actions via untrusted Django model execution in workflow

Apr 15, 2026

CVE-2026-39423

Stored XSS via Eval Injection in EchartsRander Component

Apr 14, 2026

CVE-2026-33618

Chamilo LMS Affected by Remote Code Execution via eval() in Platform Settings

Apr 10, 2026

CVE-2026-5971

FoundationAgents MetaGPT XML action_node.py ActionNode.xml_fill eval injection

Apr 9, 2026

CVE-2026-4837