Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-88

CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Parent: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.

359 vulnerabilities with CWE-88

CVE-2025-66002 MEDIUM

smb4k < 4.0.5 - Argument Injection via Mount Helper

CVE-2025-14946 MEDIUM

libnbd Crafted URI - SSH Argument Injection Code Execution

CVE-2025-68144 HIGH

mcp-server-git <2025.12.17 - Code Injection

CVE-2025-62847 HIGH

QNAP <5.2.7.3297 - Command Injection

CVE-2025-12613 HIGH

Cloudinary <2.7.0 - Command Injection

CVE-2025-12556 HIGH

IDIS ICM Viewer 1.6.0.10 and 1.7.1 - Argument Injection

CVE-2025-36565 MEDIUM

Dell PowerProtect Data Domain 7.7.1.0-8.1.0.10, 7.13.1.0-7.13.1.25, 7.10.1.0-7.10.1.50 - Authenticated Command Injection

CVE-2025-43905 MEDIUM

Dell Data Domain Operating System < 7.10.1.70 - Denial of Service

CVE-2025-59489 HIGH

Unity Runtime <2025-10-02 - Code Injection

CVE-2025-59937 CRITICAL

go-mail < 0.7.1 - ESMTP Parameter Smuggling via Mail Address Handling

CVE-2025-59433 MEDIUM

Conventional Changelog <2.0.0 - Command Injection

CVE-2025-47421 HIGH

CRESTRON TOUCHSCREENS x70 - Privilege Escalation

CVE-2025-43730 HIGH

Dell ThinOS < 2508 - Unauthenticated Argument Injection

CVE-2025-57791 MEDIUM

Commvault Command-Line Argument Injection to Traversal Remote Code Execution

CVE-2025-6232 HIGH

Lenovo Vantage - Privilege Escalation

CVE-2025-6231 HIGH

Lenovo Vantage - Privilege Escalation

CVE-2025-53509 MEDIUM

Advantech iView - Command Injection

CVE-2025-52459 MEDIUM

Advantech iView - Command Injection

CVE-2025-53542 HIGH

Kubernetes Headlamp - Command Injection

CVE-2025-46835 HIGH

Git GUI <2.43.7-2.50.1 - Info Disclosure

CVE-2025-48385 HIGH

Git Bundle URI - Protocol Injection Arbitrary Code Execution

CVE-2025-49520 HIGH

Red Hat Ansible Automation Platform 2.5 for RHEL 8/9 - Authenticated Command Injection via Git URL Argument Injection

CVE-2025-52480 CRITICAL

julialang/registrator < 1.9.5 - Remote Code Execution via Argument Injection in gettreesha()

CVE-2025-3460 HIGH

onsemi Quantenna Wi-Fi Firmware - OS Command Injection via set_tx_pow Script

CVE-2025-3459 HIGH

onsemi Quantenna Wi-Fi Firmware - OS Command Injection via transmit_file Script

Previous Page 4 of 15 Next

Details

Vulnerabilities 359

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy