Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-94

CWE-94

Medium likelihood

Improper Control of Generation of Code ('Code Injection')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

6,184 vulnerabilities with CWE-94

CVE-2026-6218 MEDIUM

aandrew-me ytDownloader Error Details Panel createTextNode cross site scripting

CVE-2026-6216 LOW

DbGate SVG Icon String FontIcon.svelte cross site scripting

CVE-2026-31048 CRITICAL

Pyro v3.x - Code Injection

CVE-2026-29955 HIGH

KubePlus 4.14 - Command Injection

CVE-2026-6184 LOW

code-projects Simple Content Management System welcome.php cross site scripting

CVE-2026-6162 LOW

PHPGurukul Company Visitor Management System bwdates-reports-details.php cross site scripting

CVE-2026-6159 MEDIUM

code-projects Simple ChatBox Endpoint insert.php cross site scripting

CVE-2026-6150 MEDIUM

code-projects Simple Laundry System checkupdatestatus.php cross site scripting

CVE-2026-6125 MEDIUM

Dromara warm-flow Workflow Definition save-json SpelHelper.parseExpression code injection

CVE-2026-6110 HIGH

FoundationAgents MetaGPT Tree-of-Thought Solver tot.py generate_thoughts code injection

CVE-2026-6107 LOW

1Panel-dev MaxKB ChatHeadersMiddleware chat_headers_middleware.py cross site scripting

CVE-2026-6106 LOW

1Panel-dev MaxKB Public Chat static_headers_middleware.py StaticHeadersMiddleware cross site scripting

CVE-2026-40158 HIGH

PraisonAI has Improper Control of Generation of Code ('Code Injection') and Protection Mechanism Failure in praisonai

CVE-2026-40156 HIGH

PraisonAI Affected by Implicit Execution of Arbitrary Code via Automatic `tools.py` Loading

CVE-2026-6035 MEDIUM

code-projects Vehicle Showroom Management System ServiceAndSalesReport.php cross site scripting

CVE-2026-6034 MEDIUM

code-projects Vehicle Showroom Management System ProfitAndLossReport.php cross site scripting

CVE-2026-6032 MEDIUM

code-projects Simple Laundry System checkcheckout.php cross site scripting

CVE-2026-6003 LOW

code-projects Simple IT Discussion Forum user.php cross site scripting

CVE-2026-5971 HIGH

FoundationAgents MetaGPT XML action_node.py ActionNode.xml_fill eval injection

CVE-2026-5970 HIGH

FoundationAgents MetaGPT HumanEvalBenchmark/MBPPBenchmark check_solution code injection

CVE-2026-30479 CRITICAL

OSGeo Project MapServer <8.0 - DLL Injection

CVE-2026-5848 MEDIUM

jeecgboot JimuReport Data Source testConnection DriverManager.getConnection code injection

CVE-2026-5836 LOW

code-projects Online Shoe Store admin_product.php cross site scripting

CVE-2026-5835 LOW

code-projects Online Shoe Store admin_football.php cross site scripting

CVE-2026-5834 LOW

code-projects Online Shoe Store admin_running.php cross site scripting

Previous Page 5 of 248 Next

Details

Vulnerabilities 6,184

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy