CWE-913
Improper Control of Dynamically-Managed Code Resources
The product does not properly restrict reading from or writing to dynamically-managed code resources such as variables, objects, classes, attributes, functions, or executable instructions or statements.
79 vulnerabilities with CWE-913
CVE-2025-69219
HIGH
Apache Airflow - Code Injection
CVSS 8.8
CVE-2026-25049
CRITICAL
n8n <1.123.17, <2.5.2 - Command Injection
CVSS 9.9
CVE-2026-1770
Crafter Studio - Authenticated RCE
CVE-2026-23830
CRITICAL
SandboxJS <0.8.26 - RCE
CVSS 10.0
CVE-2026-22709
CRITICAL
NPM Vm2 < 3.10.2 - Code Injection
CVSS 9.8
CVE-2025-66398
CRITICAL
Signal K Server <2.19.0 - RCE
CVSS 9.6
CVE-2025-68613
CRITICAL
n8n Workflow Expression Remote Code Execution
CVSS 9.9
CVE-2025-14695
MEDIUM
SamuNatsu HaloBot - RCE
CVSS 6.3
CVE-2025-13659
HIGH
Ivanti Endpoint Manager < 2024 - Remote Code Execution
CVSS 8.8
CVE-2025-13426
Apigee JavaCallout < - RCE
CVE-2025-14085
MEDIUM
Youlaitech Youlai-mall 1.0.0/2.0.0 - Improper Control of Dynamicall...
CVSS 6.3
CVE-2025-14051
MEDIUM
Youlaitech Youlai-mall 1.0.0/2.0.0 - Info Disclosure
CVSS 6.3
CVE-2024-5401
MEDIUM
Synology DSM <7.1.1-42962-8, <7.2.1-69057-2, <7.2.2-72806 - Privile...
CVSS 4.3
CVE-2025-54065
HIGH
GZDoom <4.14.2 - RCE
CVSS 7.9
CVE-2025-26405
MEDIUM
Intel(R) NPU Drivers - DoS
CVSS 5.9
CVE-2025-61780
MEDIUM
Rack < 2.2.20 - Information Disclosure
CVSS 5.8
CVE-2025-9905
HIGH
Keras - RCE
CVSS 7.3
CVE-2025-25270
CRITICAL
Device <specific configurations> - RCE
CVSS 9.8
CVE-2025-6705
MEDIUM
Eclipse Open VSX Registry - Privilege Escalation
CVSS 5.3
CVE-2025-6384
CRITICAL
Craftercms < 4.3.0 - Remote Code Execution
CVSS 9.1
CVE-2025-6107
LOW
comfyanonymous comfyui <0.3.40 - Code Injection
CVSS 3.1
CVE-2025-46675
LOW
NASA CryptoLib <1.3.2 - Memory Corruption
CVSS 3.5
CVE-2025-46673
MEDIUM
NASA CryptoLib <1.3.2 - Auth Bypass
CVSS 4.9
CVE-2025-31674
HIGH
Drupal Drupal core <10.3.13-11.1.3 - Object Injection
CVSS 7.5
CVE-2024-8953
CRITICAL
composiohq/composio <0.4.3 - RCE
CVSS 9.8
Details
Vulnerabilities
79