CWE-88
Argument Injection
MITRENo catalog description on file. The MITRE CWE site has the canonical reference.
Recent CVEs
showing 10 of 10- CVE-2026-47250—EPSS 0%18 h ago
MCP Server Kubernetes: kubectl-generic flag injection enables Kubernetes bearer token exfiltration
npm - CVE-2022-36804High· 8.8KEVEXPLOITEPSS 94%21 h ago
Atlassian Bitbucket Server and Data Center Command Injection Vulnerability
- CVE-2016-10033Critical· 9.8KEVEXPLOITEPSS 94%21 h ago
PHPMailer Command Injection Vulnerability
- CVE-2026-24061Critical· 9.8KEVEXPLOITEPSS 92%21 h ago
GNU InetUtils Argument Injection Vulnerability
- CVE-2024-41710High· 7.2KEVEPSS 20%21 h ago
Mitel SIP Phones Argument Injection Vulnerability
- CVE-2026-47365Critical· 9.9EPSS 0%22 h ago
Argument injection vulnerability in WordPress Toolkit before 6.11.0 as used in cPanel & WHM, allows remote authenticated users to bypass cross-tenant authorization and execute arbitrary wp-toolkit CLI commands as another account.
- CVE-2026-46529—EPSS 0%1 d ago
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution
- CVE-2026-52750High· 7.8EPSS 0%1 d ago
Ghidra before 12.1 contains a command injection vulnerability in URL annotation handling on Windows where cmd.exe metacharacters are not properly escaped. Attackers can execute arbitrary commands under the Ghidra user's privileges by embedd
- CVE-2026-53694—EPSS 0%2 d ago
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Nomachine allows Argument Injection.This issue affects Nomachine: before 9.5.7, before 8.23.2.
- CVE-2026-35585High· 7.2EPSS 0%4 d ago
File Browser has a Command Injection via Hook Runner
go
CWE catalog data sourced from MITRE. CVE associations come from NVD weakness mappings; some CVEs carry multiple CWEs.