Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-707

CWE-707

Improper Neutralization

The product does not ensure or incorrectly ensures that structured messages or data are well-formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.

251 vulnerabilities with CWE-707

CVE-2026-11457 HIGH

erzhongxmu JeeWMS JimuReport test-connection Endpoint testConnection injection

CVE-2026-10661 MEDIUM

ahujasid blender-mcp server.py open injection

CVE-2026-10223 MEDIUM

NousResearch hermes-agent memory_tool.py _scan_memory_content injection

CVE-2026-10222 MEDIUM

NousResearch hermes-agent config.py _sanitize_env_lines injection

CVE-2026-10221 HIGH

NousResearch hermes-agent run_agent.py _compress_context injection

CVE-2026-10220 HIGH

NousResearch hermes-agent skills_tool.py skill_view injection

CVE-2026-10210 MEDIUM

AstrBotDevs AstrBot skill_manager.py _sanitize_prompt_description injection

CVE-2026-9422 HIGH

KLiK SocialMediaWebsite HTTP POST Request Parameter injection

CVE-2026-9420 MEDIUM

KLiK SocialMediaWebsite HTTP GET Request Parameter injection

CVE-2026-9366 HIGH

NousResearch hermes-agent prompt_builder.py _scan_context_content injection

CVE-2026-9353 HIGH

NousResearch hermes-agent Skills Guard Multi-Word Prompt skills_guard.py injection

CVE-2026-7045 MEDIUM

baomidou dynamic-datasource 2.5.0 - Expression Injection

CVE-2026-6994 MEDIUM

Envoy Query Parameter header_mutation.cc params.add injection

CVE-2026-6599 MEDIUM

langflow-ai langflow Model Context Protocol Configuration API mcp_projects.py install_mcp_config injection

CVE-2026-5561 MEDIUM

Campcodes Complete POS Management and Inventory System Environment Variable SettingsController.php injection

CVE-2026-5002 HIGH

PromtEngineer localGPT LLM Prompt server.py _route_using_overviews injection

CVE-2026-4516 MEDIUM

Foundation Agents MetaGPT DataInterpreter write_analysis_code.py injection

CVE-2026-4511 MEDIUM

vanna-ai vanna legacy exec injection

CVE-2026-4500 MEDIUM

bagofwords1 bagofwords code_execution.py generate_df injection

CVE-2026-3992 MEDIUM

CodeGenieApp serverless-express <4.17.1 - Code Injection

CVE-2026-3813 MEDIUM

opencc JFlow - Injection in WF_CCForm Calculate Function

CVE-2026-2954 MEDIUM

Dromara UJCMS 10.0.2 - Code Injection

CVE-2025-14674 MEDIUM

aizuda snail-job <1.6.0 - Code Injection

CVE-2025-66545 LOW

Nextcloud <14.0.11, <15.3.12, <16.0.15, <17.0.14, <18.1.8, <19.1.8,...

CVE-2025-13268 MEDIUM

Dromara dataCompare <1.0.1 - SQL Injection

Page 1 of 11 Next

Details

Vulnerabilities 251

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy