CWE-94
Allowed-with-ReviewImproper Control of Generation of Code ('Code Injection')
Abstraction: Base · Status: Draft
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
8268 vulnerabilities reference this CWE, most recent first.
CVE-2026-55771 (GCVE-0-2026-55771)
Vulnerability from cvelistv5 – Published: 2026-07-13 19:28 – Updated: 2026-07-14 14:31| URL | Tags |
|---|---|
| https://github.com/cedar-policy/cedar-java/securi… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| cedar-policy | cedar-java |
Affected:
< 4.9.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-55771",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-14T14:23:44.626378Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-14T14:31:41.860Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cedar-java",
"vendor": "cedar-policy",
"versions": [
{
"status": "affected",
"version": "\u003c 4.9.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CedarJava is an open source Java implementation of the Cedar policy language, used for fine-grained authorization decisions. In versions prior to 4.9.0, the EntityIdentifier.equals() has inverted null/self branches which could lead to incorrect equality comparisons. The EntityIdentifier.equals() method has inverted logic for null and self-reference checks, returning true for null comparisons and false for self-comparisons. This does not affect Cedar authorization decisions (computed in Rust from JSON), but could affect integrators who perform their own equality checks on entity identifiers. This issue has been fixed in version 4.9.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-697",
"description": "CWE-697: Incorrect Comparison",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-13T19:28:00.835Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/cedar-policy/cedar-java/security/advisories/GHSA-4r9r-4425-74p7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/cedar-policy/cedar-java/security/advisories/GHSA-4r9r-4425-74p7"
}
],
"source": {
"advisory": "GHSA-4r9r-4425-74p7",
"discovery": "UNKNOWN"
},
"title": "CedarJava has policy injection, type confusion, and incorrect equality comparison vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-55771",
"datePublished": "2026-07-13T19:28:00.835Z",
"dateReserved": "2026-06-17T14:34:51.881Z",
"dateUpdated": "2026-07-14T14:31:41.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-55570 (GCVE-0-2026-55570)
Vulnerability from cvelistv5 – Published: 2026-06-24 21:24 – Updated: 2026-06-25 13:49| URL | Tags |
|---|---|
| https://github.com/siyuan-note/siyuan/security/ad… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| siyuan-note | siyuan |
Affected:
< 3.7.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-55570",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-25T13:49:21.857553Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-25T13:49:44.646Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-x88j-wgpr-h22x"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "siyuan",
"vendor": "siyuan-note",
"versions": [
{
"status": "affected",
"version": "\u003c 3.7.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, it does not escape the untrusted fields (name, version, author, description) when they are serialized into the data-obj HTML attribute of each marketplace card. Because the attribute is single-quoted and the value is produced with JSON.stringify() (which does not escape \u0027, \u003c, or \u003e), a package whose name contains a single quote breaks out of the attribute and injects arbitrary HTML. In the desktop client the main BrowserWindow runs with nodeIntegration: true, contextIsolation: false, so the injected markup escalates from DOM XSS to arbitrary OS command execution. This is the same root cause and same impact as the original advisory, reached through a sibling sink the patch did not cover. This vulnerability is fixed in 3.7.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-116",
"description": "CWE-116: Improper Encoding or Escaping of Output",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-24T21:24:21.266Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-x88j-wgpr-h22x",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-x88j-wgpr-h22x"
}
],
"source": {
"advisory": "GHSA-x88j-wgpr-h22x",
"discovery": "UNKNOWN"
},
"title": "SiYuan: Stored XSS results to Electron RCE in SiYuan marketplace via unescaped `data-obj` attribute (Bypass for CVE-2026-45375\u0027s patch)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-55570",
"datePublished": "2026-06-24T21:24:21.266Z",
"dateReserved": "2026-06-16T23:11:20.214Z",
"dateUpdated": "2026-06-25T13:49:44.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-55441 (GCVE-0-2026-55441)
Vulnerability from cvelistv5 – Published: 2026-06-26 16:48 – Updated: 2026-06-26 18:41| URL | Tags |
|---|---|
| https://github.com/jdx/mise/security/advisories/G… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-55441",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-26T18:14:26.577413Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-26T18:41:26.486Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "mise",
"vendor": "jdx",
"versions": [
{
"status": "affected",
"version": "\u003c 2026.6.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.4, mise\u0027s trust feature gates config files (mise.toml, .tool-versions) through trust_check, but task-include files are loaded on a path that never reaches it. When a directory has a task-include dir (mise-tasks/, .mise/tasks/, \u2026) but no config file, mise falls back to the default includes and renders each task\u0027s tera fields \u2014 and that tera environment has exec() registered. A {{ exec(command=\u0027\u2026\u0027) }} in any rendered field runs arbitrary commands the moment the tasks are merely listed. There\u0027s no config file to gate on, so no trust prompt ever appears. Read-only commands trigger it: mise tasks, mise task ls, mise run, mise tasks --usage (the query shell completion runs on Tab). The victim only has to cd into a cloned repo and list or tab-complete a task. This vulnerability is fixed in 2026.6.4."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732: Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-26T16:48:23.194Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/jdx/mise/security/advisories/GHSA-77g9-363w-rccq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/jdx/mise/security/advisories/GHSA-77g9-363w-rccq"
}
],
"source": {
"advisory": "GHSA-77g9-363w-rccq",
"discovery": "UNKNOWN"
},
"title": "mise: Arbitrary command execution via task-include files in an untrusted, config-less repository"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-55441",
"datePublished": "2026-06-26T16:48:23.194Z",
"dateReserved": "2026-06-16T21:59:57.017Z",
"dateUpdated": "2026-06-26T18:41:26.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-55413 (GCVE-0-2026-55413)
Vulnerability from cvelistv5 – Published: 2026-06-25 16:03 – Updated: 2026-06-25 18:01- CWE-94 - Improper Control of Generation of Code ('Code Injection')
| URL | Tags |
|---|---|
| https://github.com/ToolJet/ToolJet/security/advis… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-55413",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-25T18:01:09.665373Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-25T18:01:40.725Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/ToolJet/ToolJet/security/advisories/GHSA-jgmf-cw3v-r98x"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ToolJet",
"vendor": "ToolJet",
"versions": [
{
"status": "affected",
"version": "\u003c 3.20.178-lts"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.178-lts, any authenticated user with builder role (free tier) can overwrite a globally-shared marketplace plugin with arbitrary JavaScript that executes server-side with full Node.js access (require, process). The malicious code runs whenever any user on the instance triggers a query using that plugin \u2014 achieving both RCE and supply-chain compromise of the entire ToolJet deployment. This vulnerability is fixed in 3.20.178-lts."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-25T16:03:40.348Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ToolJet/ToolJet/security/advisories/GHSA-jgmf-cw3v-r98x",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ToolJet/ToolJet/security/advisories/GHSA-jgmf-cw3v-r98x"
}
],
"source": {
"advisory": "GHSA-jgmf-cw3v-r98x",
"discovery": "UNKNOWN"
},
"title": "ToolJet - Marketplace Plugin Poisoning Enables Instance-Wide Remote Code Execution"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-55413",
"datePublished": "2026-06-25T16:03:40.348Z",
"dateReserved": "2026-06-16T21:48:43.125Z",
"dateUpdated": "2026-06-25T18:01:40.725Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-55408 (GCVE-0-2026-55408)
Vulnerability from cvelistv5 – Published: 2026-07-07 21:02 – Updated: 2026-07-08 14:08- CWE-94 - Improper Control of Generation of Code ('Code Injection')
| URL | Tags |
|---|---|
| https://github.com/koodo-reader/koodo-reader/secu… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| koodo-reader | koodo-reader |
Affected:
< 2.3.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-55408",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T14:07:51.495637Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T14:08:02.043Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/koodo-reader/koodo-reader/security/advisories/GHSA-mjr7-w4jq-2rq9"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "koodo-reader",
"vendor": "koodo-reader",
"versions": [
{
"status": "affected",
"version": "\u003c 2.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Koodo Reader is an ebook reader. In version 2.3.0 and earlier, Koodo Reader is vulnerable to remote code execution through malicious EPUB files because the open-book IPC handler enables nodeIntegrationInSubFrames and EPUB chapter content is rendered with unsanitized innerHTML. An attacker can craft an EPUB book that, when imported and opened by the victim, instantiates a hidden iframe with Node.js API access and executes arbitrary operating system commands with the victim user\u0027s privileges. This issue is fixed in version 2.3.1."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-07T21:02:43.310Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/koodo-reader/koodo-reader/security/advisories/GHSA-mjr7-w4jq-2rq9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/koodo-reader/koodo-reader/security/advisories/GHSA-mjr7-w4jq-2rq9"
}
],
"source": {
"advisory": "GHSA-mjr7-w4jq-2rq9",
"discovery": "UNKNOWN"
},
"title": "Koodo Reader: Remote code execution via malicious epub file"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-55408",
"datePublished": "2026-07-07T21:02:43.310Z",
"dateReserved": "2026-06-16T21:48:43.124Z",
"dateUpdated": "2026-07-08T14:08:02.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-55388 (GCVE-0-2026-55388)
Vulnerability from cvelistv5 – Published: 2026-06-22 16:50 – Updated: 2026-06-23 15:51| URL | Tags |
|---|---|
| https://github.com/piscinajs/piscina/security/adv… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-55388",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-23T15:50:15.219533Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T15:51:04.171Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/piscinajs/piscina/security/advisories/GHSA-x9g3-xrwr-cwfg"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "piscina",
"vendor": "piscinajs",
"versions": [
{
"status": "affected",
"version": "\u003c 4.9.3"
},
{
"status": "affected",
"version": "\u003e= 5.0.0-alpha.0, \u003c 5.2.0"
},
{
"status": "affected",
"version": "\u003e= 6.0.0-rc.1, \u003c 6.0.0-rc.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "piscina is a node.js worker pool implementation. Prior to 6.0.0-rc.2, 5.2.0, and 4.9.3, piscina\u0027s constructor and run() paths read the filename option via plain member access. Both reads fall through the prototype chain when the caller\u0027s options object doesn\u0027t have filename as an own property. When Object.prototype.filename is polluted upstream the inherited value flows to worker_threads.Worker import and the attacker\u0027s .mjs runs in the worker. This vulnerability is fixed in 6.0.0-rc.2, 5.2.0, and 4.9.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "CWE-1321: Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T16:50:40.867Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/piscinajs/piscina/security/advisories/GHSA-x9g3-xrwr-cwfg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/piscinajs/piscina/security/advisories/GHSA-x9g3-xrwr-cwfg"
}
],
"source": {
"advisory": "GHSA-x9g3-xrwr-cwfg",
"discovery": "UNKNOWN"
},
"title": "piscina: Prototype Pollution Gadget \u2192 RCE via inherited options.filename"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-55388",
"datePublished": "2026-06-22T16:50:40.867Z",
"dateReserved": "2026-06-16T18:57:40.183Z",
"dateUpdated": "2026-06-23T15:51:04.171Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-54823 (GCVE-0-2026-54823)
Vulnerability from cvelistv5 – Published: 2026-06-25 13:12 – Updated: 2026-06-25 14:51- CWE-94 - Improper Control of Generation of Code ('Code Injection')
| URL | Tags |
|---|---|
| https://patchstack.com/database/wordpress/plugin/… | vdb-entry |
| Vendor | Product | Version | |
|---|---|---|---|
| MarketingFire | Widget Options |
Affected:
n/a , ≤ 4.2.3
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-54823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-25T14:50:39.576029Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-25T14:51:05.107Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "widget-options",
"product": "Widget Options",
"vendor": "MarketingFire",
"versions": [
{
"changes": [
{
"at": "4.2.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.2.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "daroo | Patchstack Bug Bounty Program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Contributor Remote Code Execution (RCE) in Widget Options \u003c= 4.2.3 versions."
}
],
"value": "Contributor Remote Code Execution (RCE) in Widget Options \u003c= 4.2.3 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-253",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-253 Remote Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-25T13:12:31.631Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/widget-options/vulnerability/wordpress-widget-options-plugin-4-2-3-remote-code-execution-rce-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress Widget Options Plugin to the latest available version (at least 4.2.4)."
}
],
"value": "Update the WordPress Widget Options Plugin to the latest available version (at least 4.2.4)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Widget Options plugin \u003c= 4.2.3 - Remote Code Execution (RCE) vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2026-54823",
"datePublished": "2026-06-25T13:12:31.631Z",
"dateReserved": "2026-06-16T09:21:51.802Z",
"dateUpdated": "2026-06-25T14:51:05.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-54816 (GCVE-0-2026-54816)
Vulnerability from cvelistv5 – Published: 2026-06-17 13:37 – Updated: 2026-06-17 15:38 X_Open Source- CWE-94 - Improper Control of Generation of Code ('Code Injection')
| URL | Tags |
|---|---|
| https://patchstack.com/database/wordpress/plugin/… | vdb-entry |
| Vendor | Product | Version | |
|---|---|---|---|
| Monetizemore | Advanced Ads |
Affected:
n/a , ≤ 2.0.21
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-54816",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T15:18:53.764904Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T15:38:43.012Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "advanced-ads",
"product": "Advanced Ads",
"vendor": "Monetizemore",
"versions": [
{
"changes": [
{
"at": "2.0.22",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.0.21",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nguyen Ba Khanh | Patchstack Bug Bounty Program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Monetizemore Advanced Ads allows Remote Code Inclusion.\u003cp\u003eThis issue affects Advanced Ads: from n/a through 2.0.21.\u003c/p\u003e"
}
],
"value": "Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Monetizemore Advanced Ads allows Remote Code Inclusion.\n\nThis issue affects Advanced Ads: from n/a through 2.0.21."
}
],
"impacts": [
{
"capecId": "CAPEC-253",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-253 Remote Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T13:37:37.465Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/advanced-ads/vulnerability/wordpress-advanced-ads-plugin-2-0-21-remote-code-execution-rce-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress Advanced Ads Plugin to the latest available version (at least 2.0.22)."
}
],
"value": "Update the WordPress Advanced Ads Plugin to the latest available version (at least 2.0.22)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"x_open-source"
],
"title": "WordPress Advanced Ads plugin \u003c= 2.0.21 - Remote Code Execution (RCE) vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2026-54816",
"datePublished": "2026-06-17T13:37:37.465Z",
"dateReserved": "2026-06-16T09:21:46.612Z",
"dateUpdated": "2026-06-17T15:38:43.012Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-54769 (GCVE-0-2026-54769)
Vulnerability from cvelistv5 – Published: 2026-07-09 23:51 – Updated: 2026-07-10 14:12- CWE-94 - Improper Control of Generation of Code ('Code Injection')
| URL | Tags |
|---|---|
| https://github.com/langroid/langroid/security/adv… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-54769",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-10T14:12:03.554156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-10T14:12:23.422Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/langroid/langroid/security/advisories/GHSA-q9p7-wqxg-mrhc"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "langroid",
"vendor": "langroid",
"versions": [
{
"status": "affected",
"version": "\u003c 0.65.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Langroid is a framework for building large-language-model-powered applications. Versions prior to 0.65.2 are vulnerable to a critical Sandbox Escape leading to Remote Code Execution (RCE) in its `TableChatAgent` and `VectorStore` capabilities. When these agents evaluate LLM-generated tool messages with `full_eval=True`, they attempt to sandbox the execution by explicitly setting `locals` to an empty dictionary `{}` inside Python\u0027s `eval()` function. However, this relies on an incomplete understanding of Python\u0027s execution model. Because `__builtins__` is not explicitly scrubbed from the `globals` dictionary mapping, Python implicitly injects all built-ins during execution, granting full access to functions like `__import__(\u0027os\u0027).system()`. Since `TableChatAgent.pandas_eval()` executes external LLM outputs natively, this bypass permits any attacker providing prompt payload to achieve unauthenticated RCE on the host system. Version 0.65.2 patches the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-09T23:51:10.855Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/langroid/langroid/security/advisories/GHSA-q9p7-wqxg-mrhc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/langroid/langroid/security/advisories/GHSA-q9p7-wqxg-mrhc"
}
],
"source": {
"advisory": "GHSA-q9p7-wqxg-mrhc",
"discovery": "UNKNOWN"
},
"title": "Langroid: Sandbox Escape to Remote Code Execution via Incomplete `eval()` Mitigation in TableChatAgent"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-54769",
"datePublished": "2026-07-09T23:51:10.855Z",
"dateReserved": "2026-06-15T23:23:57.713Z",
"dateUpdated": "2026-07-10T14:12:23.422Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-54271 (GCVE-0-2026-54271)
Vulnerability from cvelistv5 – Published: 2026-06-22 16:16 – Updated: 2026-06-23 13:49- CWE-94 - Improper Control of Generation of Code ('Code Injection')
| URL | Tags |
|---|---|
| https://github.com/protobufjs/protobuf.js/securit… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| protobufjs | protobufjs-cli |
Affected:
< 1.3.2
Affected: >= 2.0.0, < 2.4.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-54271",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-23T13:48:57.561501Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T13:49:08.385Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "protobufjs-cli",
"vendor": "protobufjs",
"versions": [
{
"status": "affected",
"version": "\u003c 1.3.2"
},
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 2.4.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "protobufjs-cli is the command line add-on for protobuf.js. Prior to 1.3.2 and 2.5.0, a previous fix for unsafe name handling in pbjs static / static-module code generation was incomplete. Affected versions of protobufjs-cli could still emit unsafe JavaScript references when generating static output from crafted JSON descriptor input. The common case of parsing schemas from .proto files is not affected. This is a bypass of CVE-2026-44295. An attacker who can provide or influence pre-parsed JSON descriptors passed to pbjs static code generation may be able to cause generated JavaScript output to contain attacker-controlled code. The injected code may execute if the generated file is later executed or imported and an affected generated API path is invoked. This vulnerability is fixed in 1.3.2 and 2.5.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T16:16:05.062Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/protobufjs/protobuf.js/security/advisories/GHSA-pr59-h9ph-3fr8",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/protobufjs/protobuf.js/security/advisories/GHSA-pr59-h9ph-3fr8"
}
],
"source": {
"advisory": "GHSA-pr59-h9ph-3fr8",
"discovery": "UNKNOWN"
},
"title": "protobufjs-cli: Code injection in pbjs static output from crafted JSON descriptor names"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-54271",
"datePublished": "2026-06-22T16:16:05.062Z",
"dateReserved": "2026-06-12T17:13:32.280Z",
"dateUpdated": "2026-06-23T13:49:08.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Strategy: Refactoring
Refactor your program so that you do not have to dynamically generate code.
Mitigation
- Run your code in a "jail" or similar sandbox environment that enforces strict boundaries between the process and the operating system. This may effectively restrict which code can be executed by your product.
- Examples include the Unix chroot jail and AppArmor. In general, managed code may provide some protection.
- This may not be a feasible solution, and it only limits the impact to the operating system; the rest of your application may still be subject to compromise.
- Be careful to avoid CWE-243 and other weaknesses related to jails.
Mitigation MIT-5
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
- To reduce the likelihood of code injection, use stringent allowlists that limit which constructs are allowed. If you are dynamically constructing code that invokes a function, then verifying that the input is alphanumeric might be insufficient. An attacker might still be able to reference a dangerous function that you did not intend to allow, such as system(), exec(), or exit().
Mitigation
Use dynamic tools and techniques that interact with the product using large test suites with many diverse inputs, such as fuzz testing (fuzzing), robustness testing, and fault injection. The product's operation may slow down, but it should not become unstable, crash, or generate incorrect results.
Mitigation MIT-32
Strategy: Compilation or Build Hardening
Run the code in an environment that performs automatic taint propagation and prevents any command execution that uses tainted variables, such as Perl's "-T" switch. This will force the program to perform validation steps that remove the taint, although you must be careful to correctly validate your inputs so that you do not accidentally mark dangerous inputs as untainted (see CWE-183 and CWE-184).
Mitigation MIT-32
Strategy: Environment Hardening
Run the code in an environment that performs automatic taint propagation and prevents any command execution that uses tainted variables, such as Perl's "-T" switch. This will force the program to perform validation steps that remove the taint, although you must be careful to correctly validate your inputs so that you do not accidentally mark dangerous inputs as untainted (see CWE-183 and CWE-184).
Mitigation
For Python programs, it is frequently encouraged to use the ast.literal_eval() function instead of eval, since it is intentionally designed to avoid executing code. However, an adversary could still cause excessive memory or stack consumption via deeply nested structures [REF-1372], so the python documentation discourages use of ast.literal_eval() on untrusted data [REF-1373].
CAPEC-242: Code Injection
An adversary exploits a weakness in input validation on the target to inject new code into that which is currently executing. This differs from code inclusion in that code inclusion involves the addition or replacement of a reference to a code file, which is subsequently loaded by the target and used as part of the code of some application.
CAPEC-35: Leverage Executable Code in Non-Executable Files
An attack of this type exploits a system's trust in configuration and resource files. When the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high.
CAPEC-77: Manipulating User-Controlled Variables
This attack targets user controlled variables (DEBUG=1, PHP Globals, and So Forth). An adversary can override variables leveraging user-supplied, untrusted query variables directly used on the application server without any data sanitization. In extreme cases, the adversary can change variables controlling the business logic of the application. For instance, in languages like PHP, a number of poorly set default configurations may allow the user to override variables.