Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-913

CWE-913

Improper Control of Dynamically-Managed Code Resources

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly restrict reading from or writing to dynamically-managed code resources such as variables, objects, classes, attributes, functions, or executable instructions or statements.

84 vulnerabilities with CWE-913

CVE-2026-7381 ANALYSIS PENDING

Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting

CVE-2026-5251 MEDIUM

z-9527 admin User Update Endpoint user.js dynamically-determined object attributes

CVE-2026-5248 MEDIUM

gougucms User Registration Login.php reg_submit dynamically-determined object attributes

CVE-2026-34156 CRITICAL

NocoBase Affected by Sandbox Escape to RCE via console._stdout Prototype Chain Traversal in Workflow Script Node

CVE-2026-33286 CRITICAL

Graphiti <1.10.2 - Arbitrary Method Execution

CVE-2026-25049 CRITICAL

n8n <1.123.17, <2.5.2 - Command Injection

CVE-2026-1770 MEDIUM

Crafter Studio - Authenticated RCE

CVE-2026-23830 CRITICAL

SandboxJS <0.8.26 - RCE

CVE-2026-22709 CRITICAL

NPM Vm2 < 3.10.2 - Code Injection

CVE-2025-69219 HIGH

Apache Airflow - Code Injection

CVE-2025-66398 CRITICAL

Signal K Server <2.19.0 - RCE

CVE-2025-68613 CRITICAL KEV

n8n Workflow Expression Remote Code Execution

CVE-2025-14695 MEDIUM

SamuNatsu HaloBot - RCE

CVE-2025-13659 HIGH

Ivanti Endpoint Manager < 2024 - Remote Code Execution

CVE-2025-13426 HIGH

Apigee JavaCallout < - RCE

CVE-2025-14085 MEDIUM

Youlaitech Youlai-mall 1.0.0/2.0.0 - Improper Control of Dynamicall...

CVE-2025-14051 MEDIUM

Youlaitech Youlai-mall 1.0.0/2.0.0 - Info Disclosure

CVE-2025-54065 HIGH

GZDoom <4.14.2 - RCE

CVE-2025-26405 MEDIUM

Intel(R) NPU Drivers - DoS

CVE-2025-61780 MEDIUM

Rack < 2.2.20 - Information Disclosure

CVE-2025-9905 HIGH

CVE-2025-25270 CRITICAL

Device <specific configurations> - RCE

CVE-2025-6705 MEDIUM

Eclipse Open VSX Registry - Privilege Escalation

CVE-2025-6384 CRITICAL

Craftercms < 4.3.0 - Remote Code Execution

CVE-2025-6107 LOW

comfyanonymous comfyui <0.3.40 - Code Injection

Page 1 of 4 Next

Details

Vulnerabilities 84

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy