Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
Chamilo: Evaluation of untrusted user input leads to Remote Code Execution
In the query parser in OpenStack Vitrage before 12
n8n has Unauthenticated Expression Evaluation via Form Node
Budibase Vulnerable to Remote Code Execution via Unsafe eval() in View Filter Map Function (Budibase Cloud)
LAN Code Execution on TP-Link Archer MR200, Archer C20, TL-WR850N and TL-WR845N
PHP-Fusion 9.03.50 - 'panels.php' Eval Injection
Command Injection in nvm via NVM_AUTH_HEADER in wget code path
Authenticated users can bypass the Expression sandbox mechanism to achieve full remote code execution on n8n’s main node.
Dioxus Components has JavaScript injection via user-supplied IDs
Langflow eval_custom_component_code Eval Injection Remote Code Execution Vulnerability
AlchemyCMS has Authenticated Remote Code Execution (RCE) via eval injection in ResourcesHelper
Sandbox escape in n8n Python task runner allows for arbitrary code execution on the underlying host.
Unauthenticated Remote Code Execution in openc3-api
Xspeeder SXZOS through 2025-12-26 allows root remote code execution via base64-encoded Python code in the chkid parameter to vLogin
XWiki vulnerable to remote code execution through insufficient protection against {{/html}} injection
RCE in Wirtualna Uczelnia
Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events
F5OS vulnerability
WordPress Plugin is-human <= v1.4.2 Eval Injection RCE
Horilla vulnerable to authenticated RCE via eval() in project_bulk_archive
Showing 1 - 20 of 1,000+ results