CWE-74
High likelihoodImproper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
4,792 vulnerabilities with CWE-74
CVE-2026-5596
MEDIUM
griptape-ai griptape SqlTool tool.py sql injection
CVSS 6.3
CVE-2026-5594
MEDIUM
premAI-io premsql followup.py eval code injection
CVSS 6.3
CVE-2026-5587
MEDIUM
wbbeyourself MAC-SQL Refiner Agent agents.py _execute_sql sql injection
CVSS 6.3
CVE-2026-5586
MEDIUM
zhongyu09 openchatbi Multi-stage Text2SQL Workflow sql injection
CVSS 6.3
CVE-2026-5584
HIGH
Fosowl agenticSeek query Endpoint PyInterpreter.py PyInterpreter.execute code injection
CVSS 7.3
CVE-2026-5583
MEDIUM
PHPGurukul Online Shopping Portal Project Parameter my-profile.php sql injection
CVSS 6.3
CVE-2026-5580
MEDIUM
CodeAstro Online Classroom Parameter addvideos.php sql injection
CVSS 6.3
CVE-2026-5579
MEDIUM
CodeAstro Online Classroom Parameter updatedetailsfromfaculty.php sql injection
CVSS 6.3
CVE-2026-5578
MEDIUM
CodeAstro Online Classroom Parameter addassessment.php sql injection
CVSS 6.3
CVE-2026-5577
HIGH
Song-Li cross_browser details Endpoint uniquemachine_app.py sql injection
CVSS 7.3
CVE-2026-5575
HIGH
SourceCodester/jkev Record Management System Login index.php sql injection
CVSS 7.3
CVE-2026-5565
HIGH
code-projects Simple Laundry System Parameter delmemberinfo.php sql injection
CVSS 7.3
CVE-2026-5564
HIGH
code-projects Simple Laundry System Parameter searchguest.php sql injection
CVSS 7.3
CVE-2026-5563
MEDIUM
AutohomeCorp frostmourne Alarm Preview previewData httpTest sql injection
CVSS 6.3
CVE-2026-5562
HIGH
provectus kafka-ui Endpoint testexecutions validateAccess code injection
CVSS 7.3
CVE-2026-5561
MEDIUM
Campcodes Complete POS Management and Inventory System Environment Variable SettingsController.php injection
CVSS 6.3
CVE-2026-5560
MEDIUM
PHPGurukul Online Shopping Portal Project Parameter payment-method.php sql injection
CVSS 6.3
CVE-2026-5558
MEDIUM
PHPGurukul PHPGurukul Online Shopping Portal Project Parameter pending-orders.php sql injection
CVSS 6.3
CVE-2026-5556
MEDIUM
badlogic pi-mono loader.ts discoverAndLoadExtensions code injection
CVSS 6.3
CVE-2026-5555
HIGH
code-projects Concert Ticket Reservation System Parameter login.php sql injection
CVSS 7.3
CVE-2026-5554
HIGH
code-projects Concert Ticket Reservation System Parameter process_search.php sql injection
CVSS 7.3
CVE-2026-5553
MEDIUM
itsourcecode Online Cellphone System Parameter available.php sql injection
CVSS 6.3
CVE-2026-5552
MEDIUM
PHPGurukul Online Shopping Portal Project Parameter sub-category.php sql injection
CVSS 6.3
CVE-2026-5551
HIGH
itsourcecode Free Hotel Reservation System Parameter login.php sql injection
CVSS 7.3
CVE-2026-5543
MEDIUM
PHPGurukul User Registration & Login and User Management System yesterday-reg-users.php sql injection
CVSS 6.3
Details
Vulnerabilities
4,792
Exploit Likelihood
High