CVE-2026-42588

Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy...

CVE-2026-45505

Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Non-parenthesized discovery wrappers such as masterslave:vm://...,... and static:vm://... incorrectly pass validation allowing bypass o...

ROS-20260420-73-0029

Vulnerability in moodle related to incorrect code generation control. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVE-2026-32573

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.7...

CVE-2026-32367

Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...

CVE-2026-32573

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.7...

CVE-2026-32525

Improper Control of Generation of Code 'Code Injection' vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through = 3.5.6.1...

ROS-20260320-73-0011

A vulnerability in the cmd/cgo component of the Go programming language is related to incorrect code generation control. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

EUVD-2026-10704

rssn is a scientific computing library for Rust, combining a high-performance symbolic computation engine with numerical methods support and physics simulations functionalities. The vulnerability exists in the JIT Just-In-Time compilation engine, which is fully exposed via the CFFI Foreign Functi...

CVE-2025-11837

CVE-2025-11837 affects Malware Remover and is due to an improper control of generation of code vulnerability. Public sources describe remote exploitation (attack vector: NETWORK) with no user interaction, enabling attackers to bypass protection mechanisms and impact confidentiality, integrity, an...

WordPress plugin IF AS Shortcode 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code injectio...

CVE-2025-66078

Improper Control of Generation of Code 'Code Injection' vulnerability in jetmonsters Hotel Booking Lite motopress-hotel-booking-lite allows Remote Code Inclusion.This issue affects Hotel Booking Lite: from n/a through = 5.2.3...

Azure Container Apps Remote Code Execution Vulnerability

Improper control of generation of code 'code injection' in Azure Container Apps allows an unauthorized attacker to execute code over a network...

CVE-2025-66533

Improper Control of Generation of Code 'Code Injection' vulnerability in StellarWP GiveWP give allows Code Injection.This issue affects GiveWP: from n/a through = 4.13.1...

ROS-20251029-06

Vulnerability of drm/amdgpu components of Linux kernel is related to dereferencing of pointer NULL. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the Redis database management system DBMS is related to integer overflow. Exploitation of t...

VulnCheck KEV: CVE-2025-6204

An Improper Control of Generation of Code Code Injection vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code...

CVE-2025-62023 WordPress s2Member plugin <= 250905 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Cristián Lávaque s2Member s2member.This issue affects s2Member: from n/a through = 250905...

EUVD-2021-9482

Malicious code in bioql PyPI...

ROS-20250924-09

The sftpdecodechanneldatatopacket function of the libssh library has a vulnerability related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service Vulnerability in libssh library's sshgetfingerprinthash function is...

CVE-2025-48169

Improper Control of Generation of Code 'Code Injection' vulnerability in Jordy Meow Code Engine code-engine allows Remote Code Inclusion.This issue affects Code Engine: from n/a through = 0.3.3...