CVE-2026-42588

Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy...

CVE-2026-45505

Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Non-parenthesized discovery wrappers such as masterslave:vm://...,... and static:vm://... incorrectly pass validation allowing bypass o...

ROS-20260420-73-0029

Vulnerability in moodle related to incorrect code generation control. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVE-2026-32573

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.7...

ROS-20260320-73-0011

A vulnerability in the cmd/cgo component of the Go programming language is related to incorrect code generation control. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

EUVD-2026-10704

rssn is a scientific computing library for Rust, combining a high-performance symbolic computation engine with numerical methods support and physics simulations functionalities. The vulnerability exists in the JIT Just-In-Time compilation engine, which is fully exposed via the CFFI Foreign Functi...

ROS-20251029-06

Vulnerability of drm/amdgpu components of Linux kernel is related to dereferencing of pointer NULL. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the Redis database management system DBMS is related to integer overflow. Exploitation of t...

VulnCheck KEV: CVE-2025-6204

An Improper Control of Generation of Code Code Injection vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code...

CVE-2025-62023 WordPress s2Member plugin <= 250905 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Cristián Lávaque s2Member s2member.This issue affects s2Member: from n/a through = 250905...

EUVD-2021-9482

Malicious code in bioql PyPI...

ROS-20250924-09

The sftpdecodechanneldatatopacket function of the libssh library has a vulnerability related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service Vulnerability in libssh library's sshgetfingerprinthash function is...

CVE-2025-48169

Improper Control of Generation of Code 'Code Injection' vulnerability in Jordy Meow Code Engine code-engine allows Remote Code Inclusion.This issue affects Code Engine: from n/a through = 0.3.3...

CVE-2025-53577

Improper Control of Generation of Code 'Code Injection' vulnerability in thehp Global DNS global-dns allows Remote Code Inclusion.This issue affects Global DNS: from n/a through = 3.1.0...

CVE-2025-53577

CVE-2025-53577 : WordPress plugin Global DNS (versions up to 3.1.0) suffers an improper control of code generation leading to Remote Code Execution (RCE)/Remote Code Inclusion. The issue, described as a Code Injection vulnerability, is exploitable remotely over the network and is rated with a hig...

CVE-2025-39483

Improper Control of Generation of Code 'Code Injection' vulnerability in imithemes Eventer allows Code Injection.This issue affects Eventer: from n/a before 3.9.9.1...

Joomla! 安全漏洞

Joomla! is a free, open source content management system from Joomla! open source. A security vulnerability exists in Joomla! prior to version 11.0.0, which stems from a remote code execution vulnerability due to improper code generation control...

WordPress plugin WishList Member X Code Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code injection...

LiteLLM 代码注入漏洞

LiteLLM is an open source application from Berri AI. All LLM APIs can be called using the OpenAI format. LiteLLM suffers from a code injection vulnerability that stems from improper control over code generation, leading to a remote code execution RCE vulnerability...

CVE-2022-40628

The CVE-2022-40628 affects Tacitine Firewall EN6200-PRIME QUAD-35 and EN6200-PRIME QUAD-100, versions 19.1.1–22.20.1. Root cause: improper control of code generation in the web-based management interface, enabling an unauthenticated remote attacker to send a crafted HTTP request and execute arbit...

PT-2022-17811 · Hestiacp · Hestiacp

Name of the Vulnerable Software and Affected Versions: hestiacp/hestiacp versions prior to 1.6.6 Description: The issue is related to improper control of generation of code, also known as 'code injection', and improper input validation in the hestiacp/hestiacp GitHub repository. Recommendations:...