CVE-2026-27510

Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree Go2 Android application com.unitree.doggo2, are vulnerable to remote code execution due to missing integrity protection and validation of user-created programmes. The Android application stores programs in a local SQLi...

CVE-2026-27510 Unitree Go2 Mobile Program Tampering Enables Root RCE

Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree Go2 Android application com.unitree.doggo2, are vulnerable to remote code execution due to missing integrity protection and validation of user-created programmes. The Android application stores programs in a local SQLi...

CVE-2025-14927

Hugging Face Transformers SEW-D convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

CVE-2025-33184

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

EUVD-2018-8022

Malware in sbrugna...

EUVD-2018-17775

Malware in sbrugna...

EUVD-2020-7345

Malware in sbrugna...

EUVD-2025-24605

Malicious code in bioql PyPI...

EUVD-2025-12263

Malicious code in bioql PyPI...

CVE-2025-23296

NVIDIA Isaac-GR00T for all platforms contains a vulnerability in a Python component where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

CVE-2025-23295

NVIDIA Apex for all platforms contains a vulnerability in a Python component where an attacker could cause a code injection issue by providing a malicious file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data...

CVE-2020-15348

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows use of live/CPEManager/AXCampaignManager/deletecpesbyids?cpeids= for eval injection of Python code...

CVE-2019-17526

An issue was discovered in SageMath Sage Cell Server through 2019-10-05. Python Code Injection can occur in the context of an internet facing web application. Malicious actors can execute arbitrary commands on the underlying operating system, as demonstrated by an import'os'.popen'whoami'.read...

CVE-2025-43948

Codemers KLIMS 1.6.DEV allows Python code injection. A user can provide Python code as an input value for a parameter or qualifier such as for sorting, which will get executed on the server side...

CVE-2025-43948

Codemers KLIMS 1.6.DEV allows Python code injection. A user can provide Python code as an input value for a parameter or qualifier such as for sorting, which will get executed on the server side...

PT-2025-17580 · Codemers · Codemers Klims

Name of the Vulnerable Software and Affected Versions: Codemers KLIMS version 1.6.DEV Description: The issue allows Python code injection. A user can provide Python code as an input value for a parameter or qualifier, such as for sorting, which will get executed on the server side. Recommendation...

CVE-2025-43948

Codemers KLIMS 1.6.DEV allows Python code injection. A user can provide Python code as an input value for a parameter or qualifier such as for sorting, which will get executed on the server side...

CVE-2025-43948

Codemers KLIMS 1.6.DEV allows Python code injection. A user can provide Python code as an input value for a parameter or qualifier such as for sorting, which will get executed on the server side...

CVE-2025-43948

CVE-2025-43948 affects Codemers KLIMS 1.6.DEV, where an input value for parameters/qualifiers can carry Python code that is executed on the server side, enabling remote code execution. Documents confirm the issue is due to Python code injection in KLIMS 1.6.DEV and describe potential server-side ...

CVE-2024-43404 Remote Code Execution Vulnerability in MEGABOT

MEGABOT is a fully customized Discord bot for learning and fun. The /math command and functionality of MEGABOT versions 1.5.0 contains a remote code execution vulnerability due to a Python eval. The vulnerability allows an attacker to inject Python code into the expression parameter when using...