Search Vulnerabilities

Unauthenticated Remote Code Execution in openc3-api

Jan 13, 2026

CVE-2025-54322

Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin

Dec 27, 2025

CVE-2025-66474

XWiki vulnerable to remote code execution through insufficient protection against {{/html}} injection

Dec 10, 2025

CVE-2025-12140

RCE in Wirtualna Uczelnia

Nov 27, 2025

CVE-2025-64496

Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events

Nov 8, 2025

CVE-2025-61955

F5OS vulnerability

CVE-2011-10033

WordPress Plugin is-human <= v1.4.2 Eval Injection RCE

CVE-2025-48868

Horilla vulnerable to authenticated RCE via eval() in project_bulk_archive

Sep 24, 2025

CVE-2025-55728

XWiki Remote Macros vulnerable to remote code execution using the panel macro

CVE-2025-55727

XWiki Remote Macros vulnerable to remote code execution from width parameter in the column macro

CVE-2025-58365

XWiki Blog Application: Privilege Escalation (PR) from account through blog content

Sep 8, 2025

CVE-2025-8420

Request a Quote Form Plugin <= 2.5.2 - Unauthenticated Limited Remote Code Execution

Aug 6, 2025

CVE-2013-10070

PHP-Charts v1.0 PHP Code Execution

Aug 5, 2025

CVE-2013-10051

InstantCMS <= 1.6 Remote PHP Code Execution

Aug 1, 2025

CVE-2025-3753

Unsafe use of eval() method in rosbag tool

CVE-2024-41921

Unsafe use of eval() method in rostopic echo tool

CVE-2024-41148

Unsafe use of eval() method in rostopic hz tool

CVE-2024-39835

Unsafe use of eval() method in roslaunch tool

CVE-2024-39289

Unsafe use of eval() method in rosparam tool

CVE-2025-6101

MEDIUM

letta-ai letta interface.py function_message eval injection

Jun 16, 2025

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2025-68271

Unauthenticated Remote Code Execution in openc3-api

Jan 13, 2026

CVE-2025-54322

Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin

Dec 27, 2025

CVE-2025-66474

XWiki vulnerable to remote code execution through insufficient protection against {{/html}} injection

Dec 10, 2025

CVE-2025-12140

RCE in Wirtualna Uczelnia

Nov 27, 2025

CVE-2025-64496

Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events

Nov 8, 2025

CVE-2025-61955

F5OS vulnerability

CVE-2011-10033

WordPress Plugin is-human <= v1.4.2 Eval Injection RCE

CVE-2025-48868

Horilla vulnerable to authenticated RCE via eval() in project_bulk_archive

Sep 24, 2025

CVE-2025-55728

XWiki Remote Macros vulnerable to remote code execution using the panel macro

CVE-2025-55727

XWiki Remote Macros vulnerable to remote code execution from width parameter in the column macro

CVE-2025-58365

XWiki Blog Application: Privilege Escalation (PR) from account through blog content

Sep 8, 2025

CVE-2025-8420

Request a Quote Form Plugin <= 2.5.2 - Unauthenticated Limited Remote Code Execution

Aug 6, 2025

CVE-2013-10070

PHP-Charts v1.0 PHP Code Execution

Aug 5, 2025

CVE-2013-10051

InstantCMS <= 1.6 Remote PHP Code Execution

Aug 1, 2025

CVE-2025-3753

Unsafe use of eval() method in rosbag tool

CVE-2024-41921

Unsafe use of eval() method in rostopic echo tool

CVE-2024-41148

Unsafe use of eval() method in rostopic hz tool

CVE-2024-39835

Unsafe use of eval() method in roslaunch tool

CVE-2024-39289

Unsafe use of eval() method in rosparam tool

CVE-2025-6101

MEDIUM

letta-ai letta interface.py function_message eval injection