CWE-829
Inclusion of Functionality from Untrusted Control Sphere
The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.
257 vulnerabilities with CWE-829
CVE-2026-48124 (HIGH): Cursor Desktop sandbox escape via Claude hook configuration
CVE-2026-12057 (HIGH, CVSS 8.6): DoS + Remote Code Execution via PDF JavaScript in Foxit AI
CVE-2026-53810 (HIGH, CVSS 8.8): OpenClaw < 2026.5.18 - Arbitrary Code Execution via Unscanned Marketplace Runtime Extension Metadata
CVE-2026-52858 (HIGH, CVSS 7.8): Vim: Arbitrary Code Execution via Python Omni-Completion
CVE-2026-47174 (CRITICAL): Duck Site: Untrusted pull request code can trigger privileged production deployment
CVE-2026-47172 (CRITICAL): Quest Bot: Untrusted pull request code can be built and deployed by privileged `workflow_run` deployment.
CVE-2026-46529 (HIGH): PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen
CVE-2026-47292 (HIGH, CVSS 7.8): Visual Studio Code MSSQL Extension Remote Code Execution Vulnerability
CVE-2026-11269 (HIGH, CVSS 7.1): Google Chrome - Arbitrary Code Execution
CVE-2026-8879 (HIGH, CVSS 7.5): Securly Chrome Extension < 3.0.7 - Denial of Service via Dynamic Content Script Injection
CVE-2026-5241 (CRITICAL, CVSS 9.6): Policy Bypass in LightGlue Nested Config Resolution in huggingface/transformers
CVE-2026-44358 (HIGH, CVSS 8.2): Espressif Shared GitHub DangerJS: Untrusted Search Path in DangerJS Action Entrypoint
CVE-2026-5843 (HIGH, CVSS 8.2): Docker Model Runner container-to-host code execution via MLX-LM model_file importlib loading
CVE-2026-5817 (HIGH, CVSS 8.2): Docker Model Runner container-to-host code execution via unsandboxed trust_remote_code in Python inference backends
CVE-2026-8428 (HIGH, CVSS 8.8): CSRF token is not validated in the core CMS update controller for Concrete CMS 9.5.0 and below
CVE-2026-8426 (HIGH, CVSS 8.8): Concrete CMS 9.5.0 and below is vulnerable to CSRF on prepare_remote_upgrade() leading to one-request RCE via package overwrite
CVE-2026-7373 (HIGH): Metasploit Pro on Windows: Local Privilege Escalation via OpenSSL Configuration File Loading
CVE-2026-44312 (MEDIUM, CVSS 5.8): css_parser allows to MITM included https css urls
CVE-2026-44995 (HIGH, CVSS 7.3): OpenClaw < 2026.4.20 - Arbitrary Code Execution via MCP stdio Environment Variables
CVE-2026-45184 (MEDIUM, CVSS 6.5): Kdenlive < 26.04.1 - Inclusion of Functionality from Untrusted Control Sphere via Proxy Parameters
CVE-2026-44336 (CRITICAL, CVSS 9.6): PraisonAI MCP `tools/call` path-traversal and RCE via Python `.pth` injection
CVE-2026-43944 (CRITICAL, CVSS 9.6): electerm: dangerous code can be run through links or command line
CVE-2026-43940 (HIGH, CVSS 8.4): electerm: Path traversal in electerm runWidget leads to arbitrary code execution
CVE-2026-43571 (HIGH, CVSS 8.8): OpenClaw < 2026.4.10 - Untrusted Workspace Plugin Shadow Resolution in Channel Setup
CVE-2026-43569 (HIGH, CVSS 8.8): OpenClaw < 2026.4.9 - Untrusted Provider Plugin Auto-enablement via Workspace Provider Auth