Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-95

CWE-95

Medium likelihood

Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')

Parent: CWE-94 - Improper Control of Generation of Code ('Code Injection')

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call (e.g. "eval").

126 vulnerabilities with CWE-95

CVE-2025-24893 CRITICAL KEV

XWiki Platform - Remote Code Execution

CVE-2025-0868 CRITICAL

NPM Docsgpt - Remote Code Execution

CVE-2024-41921 HIGH

Openrobotics Robot Operating System - Code Injection

CVE-2024-41148 HIGH

Openrobotics Robot Operating System - Code Injection

CVE-2024-39835 HIGH

Openrobotics Robot Operating System - Code Injection

CVE-2024-39289 HIGH

Openrobotics Robot Operating System - Code Injection

CVE-2024-10633 HIGH

WordPress Plugins - RCE

CVE-2024-8512 CRITICAL

W3SPEEDSTER WordPress <7.26 - RCE

CVE-2024-45858 HIGH

Guardrails AI Guardrails <0.5.10 - RCE

CVE-2024-45851 HIGH

Mindsdb < 24.7.4.1 - Code Injection

CVE-2024-45850 HIGH

Mindsdb < 24.7.4.1 - Code Injection

CVE-2024-45849 HIGH

Mindsdb < 24.7.4.1 - Code Injection

CVE-2024-45848 HIGH

Mindsdb < 24.7.4.1 - Code Injection

CVE-2024-45847 HIGH

Mindsdb < 24.7.4.1 - Code Injection

CVE-2024-45846 HIGH

Mindsdb < 24.7.4.1 - Code Injection

CVE-2024-27321 HIGH

Refuel Autolabel <0.0.8 - RCE

CVE-2024-27320 HIGH

Refuel Autolabel <0.0.8 - RCE

CVE-2024-7954 CRITICAL

CVE-2024-43404 CRITICAL

Megacord Megabot < 1.5.0 - Code Injection

CVE-2024-6891 HIGH

Python <version> - Code Injection

CVE-2024-37901 CRITICAL

Xwiki < 14.10.21 - Missing Authorization

CVE-2024-39173 CRITICAL

calculator-boilerplate v1.0 - RCE

CVE-2024-36404 CRITICAL

GeoTools <31.2-30.4-29.6 - RCE

CVE-2024-36401 CRITICAL KEV

Geoserver unauthenticated Remote Code Execution

CVE-2024-3562 HIGH

Custom Field Suite <2.6.7 - Code Injection

Previous Page 3 of 6 Next

Details

Vulnerabilities 126

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy