Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,792 vulnerabilities with CWE-74

CVE-2026-9402 MEDIUM

Edimax BR-6675nD POST Request formWlanMP command injection

CVE-2026-9400 MEDIUM

Edimax BR-6675nD POST Request formUSBStorage command injection

CVE-2026-9383 HIGH

itsourcecode Electronic Judging System login.php sql injection

CVE-2026-9379 MEDIUM

Edimax BR-6675nD POST Request formWpsStart command injection

CVE-2026-9378 MEDIUM

Edimax BR-6675nD POST Request formHwSet command injection

CVE-2026-9366 HIGH

NousResearch hermes-agent prompt_builder.py _scan_context_content injection

CVE-2026-9364 HIGH

projectworlds Online Art Gallery Shop adminHome.php sql injection

CVE-2026-9363 MEDIUM

Edimax EW-7438RPn POST Request formEZCHNwlanSetu formEZCHNwlanSetup command injection

CVE-2026-9362 MEDIUM

Edimax EW-7438RPn Setting formConnectionSetting command injection

CVE-2026-9361 MEDIUM

Edimax EW-7438RPn POST Request formAccep formAccept command injection

CVE-2026-9359 MEDIUM

Edimax EW-7438RPn POST Request formHwSet command injection

CVE-2026-9356 HIGH

SourceCodester Hospitals Patient Records Management System manage_history.php sql injection

CVE-2026-9355 HIGH

SourceCodester Hospitals Patient Records Management System Master.php save_patient_history sql injection

CVE-2026-9354 MEDIUM

NousResearch hermes-agent Slack Agent/Mattermost Agent escape output

CVE-2026-9353 HIGH

NousResearch hermes-agent Skills Guard Multi-Word Prompt skills_guard.py injection

CVE-2026-9342 MEDIUM

SourceCodester Hospitals Patient Records Management System view_history.php sql injection

CVE-2026-9305 MEDIUM

QuantumNous new-api self Endpoint topup.go SearchAllTopUps sql injection

CVE-2026-9302 MEDIUM

546669204 vps-inventory-monitoring VpsTest Console VpsTest.php eval code injection

CVE-2026-9297 MEDIUM

Edimax BR-6428NS POST Request formWlbasic command injection

CVE-2026-9296 MEDIUM

Edimax BR-6428NS POST Request formWlanM system command injection

CVE-2026-6279 CRITICAL

Avada (Fusion) Builder <= 3.15.2 - Remote Code Execution via PHP Function Injection

CVE-2026-20199 MEDIUM

Cisco ThousandEyes Enterprise Agent - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CVE-2026-8785 HIGH

projectworlds hospital-management-system-in-php GET Parameter update_info.php getAllPatientDetail sql injection

CVE-2026-8777 MEDIUM

Edimax BR-6428NS POST Request formStaDrvSetup command injection

CVE-2026-8774 MEDIUM

Edimax BR-6228NC POST Request mp command injection

Previous Page 8 of 192 Next

Details

Vulnerabilities 4,792

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy