Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,792 vulnerabilities with CWE-74

CVE-2026-5002 HIGH

PromtEngineer localGPT LLM Prompt server.py _route_using_overviews injection

CVE-2026-4998 HIGH

Sinaptik AI PandasAI Chat Message code_executor.py CodeExecutor.execute code injection

CVE-2026-4996 HIGH

Sinaptik AI PandasAI pandasai-lancedb Extension lancedb.py get_relevant_docs_by_id sql injection

CVE-2026-4970 MEDIUM

code-projects Social Networking Site Endpoint delete_photos.php sql injection

CVE-2026-4966 MEDIUM

itsourcecode Free Hotel Reservation System index.php sql injection

CVE-2026-4963 MEDIUM

huggingface smolagents Incomplete Fix CVE-2025-9959 local_python_executor.py evaluate_with code injection

CVE-2026-4956 HIGH

Shenzhen Ruiming Technology Streamax Crocus Parameter DevicePrint.do sql injection

CVE-2026-4955 HIGH

Shenzhen Ruiming Technology Streamax Crocus OperateStatistic.do sql injection

CVE-2026-4954 MEDIUM

mingSoft MCMS Web Content List Endpoint ContentAction.java list sql injection

CVE-2026-32695 HIGH

Traefik has Knative Ingress Rule Injection that Allows Host Restriction Bypass

CVE-2026-22744 HIGH

Spring AI <1.0.5 - Command Injection

CVE-2026-4910 HIGH

Shenzhen Ruiming Technology Streamax Crocus Endpoint RemoteFormat.do sql injection

CVE-2026-4908 HIGH

code-projects Simple Laundry System Parameter modstaffinfo.php sql injection

CVE-2026-33148 MEDIUM

URL Parameter Injection in FDC Food Search API Causes Server Crash and Exposes Internal API Key

CVE-2026-4876 MEDIUM

itsourcecode Free Hotel Reservation System index.php sql injection

CVE-2026-4850 HIGH

code-projects Simple Laundry System Parameter checkregisitem.php sql injection

CVE-2026-4844 HIGH

code-projects Online Food Ordering System Admin Login admin.php sql injection

CVE-2026-4842 HIGH

itsourcecode Online Enrollment System Parameter index.php sql injection

CVE-2026-4841 HIGH

code-projects Online Food Ordering System Shopping Cart cart.php sql injection

CVE-2026-4839 HIGH

SourceCodester Food Ordering System Parameter purchase.php sql injection

CVE-2026-4838 HIGH

SourceCodester Malawi Online Market display.php sql injection

CVE-2026-4836 MEDIUM

code-projects Accounting System delete.php sql injection

CVE-2026-4826 MEDIUM

SourceCodester Sales and Inventory System HTTP GET Parameter update_stock.php sql injection

CVE-2026-4825 MEDIUM

SourceCodester Sales and Inventory System HTTP GET Parameter update_sales.php sql injection

CVE-2026-4784 HIGH

code-projects Simple Laundry System Parameter checkcheckout.php sql injection

Previous Page 22 of 192 Next

Details

Vulnerabilities 4,792

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy