Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-88

CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Parent: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.

359 vulnerabilities with CWE-88

CVE-2026-1717 MEDIUM

Lenovo Vantage/Baiying - Privilege Escalation

CVE-2026-1716 HIGH

Lenovo Vantage/Baiying - Privilege Escalation

CVE-2026-1715 HIGH

Lenovo Vantage/Baiying - Privilege Escalation

CVE-2026-25689 MEDIUM

Fortinet FortiDeceptor - Command Injection

CVE-2026-3682 MEDIUM

welovemedia FFmate <=2.0.15 - Command Injection

CVE-2026-26194 HIGH

Gogs < 0.14.2 - Argument Injection via Git Tag Deletion

CVE-2026-20016 MEDIUM

Cisco FXOS Software - Command Injection

CVE-2026-20063 MEDIUM

Cisco Secure FTD Software - Command Injection

CVE-2026-26514 HIGH

bird-lg-go <6187a4e - Argument Injection

CVE-2026-27947 HIGH

Group-Office <26.0.9 - Authenticated RCE

CVE-2026-27613 CRITICAL

TinyWeb < 2.01 - Unauthenticated Argument Injection via CGI Parameter Bypass

CVE-2026-27208 CRITICAL

bleon-ethical/api-gateway-deploy 1.0.0 - Command Injection

CVE-2026-24126 MEDIUM

Weblate <5.16.0 - Command Injection

CVE-2026-25134 HIGH

Group-Office <6.8.150, 25.0.82, 26.0.5 - RCE

CVE-2026-24739 MEDIUM

Symfony <5.4.51-8.0.5 - Code Injection

CVE-2026-22583 CRITICAL

Salesforce Marketing Cloud Engagement - Command Injection

CVE-2026-22582 CRITICAL

Salesforce Marketing Cloud Engagement - Command Injection

CVE-2026-0774 HIGH

WatchYourLAN Configuration Page - arpstrs Argument Injection Code Execution

CVE-2026-24061 CRITICAL KEV

GNU Inetutils Telnet Authentication Bypass Exploit CVE-2026-24061

CVE-2025-40948 MEDIUM

Siemens Ruggedcom Rox MX5000 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

CVE-2025-41761 HIGH

mbs-solutions universal_bacnet_router_firmware < 6.0.1.0 - Privilege Escalation via Sudo Permissions

CVE-2025-70327 CRITICAL

TOTOLINK X5000R v9.1.0cu_2415_B20250515 - Command Injection

CVE-2025-15316 MEDIUM

Tanium Server - Privilege Escalation

CVE-2025-15315 MEDIUM

Tanium Module Server - Privilege Escalation

CVE-2025-67858 HIGH

Foomuuri < 0.31 - Argument Injection via JSON Configuration

Previous Page 3 of 15 Next

Details

Vulnerabilities 359

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy