Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,795 vulnerabilities with CWE-74

CVE-2026-2824 MEDIUM

Comfast CF-E7 2.6.0.9 - Command Injection

CVE-2026-2823 MEDIUM

Comfast CF-E7 2.6.0.9 - Command Injection

CVE-2026-2822 MEDIUM

JeecgBoot < 3.9.1 - SQL Injection via Backend Interface

CVE-2026-2821 HIGH

Fujian Smart Platform <7.5 - SQL Injection

CVE-2026-2820 HIGH

Fujian Smart Platform <7.5 - SQL Injection

CVE-2026-2706 MEDIUM

Patient Record Management System 1.0 - SQL Injection

CVE-2026-2691 HIGH

itsourcecode Event Management 1.0 - SQL Injection

CVE-2026-2690 HIGH

itsourcecode Event Management 1.0 - SQL Injection

CVE-2026-2689 HIGH

itsourcecode Event Management 1.0 - SQL Injection

CVE-2026-24764 LOW

OpenClaw <=2026.2.2 - Command Injection

CVE-2026-2682 MEDIUM

Tsinghua Unigroup EA System <3.2.210802 - SQL Injection

CVE-2026-2663 MEDIUM

Alixhan xh-admin-backend <=1.7.0 - SQL Injection

CVE-2026-2019 HIGH

Cart All In One For WooCommerce <=1.1.21 - Code Injection

CVE-2026-2621 HIGH

Sciyon Koyuan Thermoelectricity Heat Network Management System 3.0 - SQL Injection via PGUID Parameter

CVE-2026-2620 HIGH

Huace Monitoring 2.2 - SQL Injection

CVE-2026-2615 HIGH

Wavlink WL-NU516U1 <20251208 - Command Injection

CVE-2026-2553 MEDIUM

Hotel-Management-System - SQL Injection

CVE-2026-2548 MEDIUM

WAYOS FBM-220G 24.10.19 - Command Injection

CVE-2026-2537 MEDIUM

Comfast CF-E4 2.6.0.1 - Command Injection

CVE-2026-2535 MEDIUM

Comfast CF-N1 V2 2.6.0.2 - Command Injection

CVE-2026-2534 MEDIUM

Comfast CF-N1 V2 2.6.0.2 - Command Injection

CVE-2026-2533 HIGH

Tosei Self-service Washing Machine 4.02 - Command Injection

CVE-2026-2530 MEDIUM

Wavlink WL-WN579A3 <20210219 - Command Injection

CVE-2026-2529 MEDIUM

Wavlink WL-WN579A3 <20210219 - Command Injection

CVE-2026-2528 MEDIUM

Wavlink WL-WN579A3 <20210219 - Command Injection

Previous Page 31 of 192 Next

Details

Vulnerabilities 4,795

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy