CWE-77

High likelihood

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

3,065 vulnerabilities with CWE-77
CVE-2026-3798 MEDIUM
Comfast CF-AC100 2.6.0.8 - Command Injection
CVSS 4.7
CVE-2026-3704 MEDIUM
Wavlink NU516U1 251208 - Command Injection
CVSS 4.7
CVE-2026-3696 HIGH
Totolink N300RH 6..1c.1353_B20190305 - Command Injection
CVSS 7.3
CVE-2026-3680 MEDIUM
RyuzakiShinji biome-mcp-server <=1.0.0 - Command Injection
CVSS 6.3
CVE-2026-3662 MEDIUM
Wavlink WL-NU516U1 240425 - Command Injection
CVSS 4.7
CVE-2026-3661 MEDIUM
Wavlink WL-NU516U1 240425 - Command Injection
CVSS 4.7
CVE-2026-3612 HIGH
Wavlink WL-NU516U1 V240425 - Command Injection
CVSS 7.2
CVE-2026-3485 CRITICAL
D-Link DIR-868L 110b03 - Command Injection
CVSS 9.8
CVE-2026-3484 MEDIUM
PhialsBasement nmap-mcp-server - Command Injection
CVSS 6.3
CVE-2025-52365 HIGH
ccurtsinger/stabilizer szc - Command Injection
CVSS 7.8
CVE-2026-2256 MEDIUM
ModelScope ms-agent <v1.6.0rc1 - Command Injection
CVSS 6.5
CVE-2026-3301 CRITICAL
Totolink N300RH 6.1c.1353_B20190305 - Command Injection
CVSS 9.8
CVE-2026-22719 HIGHKEV
VMware Aria Operations - Command Injection
CVSS 8.1
CVE-2025-33181 HIGH
NVIDIA Cumulus Linux/NVOS - Command Injection
CVSS 7.3
CVE-2025-33180 HIGH
NVIDIA Cumulus Linux/NVOS - Command Injection
CVSS 8.0
CVE-2026-3102 MEDIUM
exiftool <=13.49 - Command Injection
CVSS 6.3
CVE-2026-3101 MEDIUM
Intelbras TIP 635G 1.12.3.5 - Command Injection
CVSS 6.3
CVE-2026-3066 MEDIUM
HummerRisk <1.5.0 - Command Injection
CVSS 6.3
CVE-2026-3065 MEDIUM
HummerRisk <1.5.0 - Command Injection
CVSS 6.3
CVE-2026-3064 MEDIUM
HummerRisk <1.5.0 - Command Injection
CVSS 6.3
CVE-2026-3040 MEDIUM
DrayTek Vigor 300B <=1.5.1.6 - Command Injection
CVSS 4.7
CVE-2026-2956 MEDIUM
qinming99 dst-admin <=1.5.0 - Command Injection
CVSS 6.3
CVE-2026-2952 HIGH
Vaelsys 4.1.0 - Command Injection
CVSS 7.3
CVE-2026-2944 HIGH
Tosei Online Store Management System 1.01 - Command Injection
CVSS 7.3
CVE-2026-2333 CRITICAL
Owl opds 2.2.0.4 - Command Injection
CVSS 9.8
Details
Vulnerabilities 3,065
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits