MITRE ATT&CK CVE list for this attack path. Use risk scores and timeline to decide what to patch first and what to track next.
| CVE | 描述 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|
| CVE-2026-16133 | A flaw has been found in LiuMengxuan04 MiniCode 0.1.0. Affected by this vulnerability is the function child_process.spawn of the file mcp.ts. Executing a manipulation can lead to command injection. The attack can be launched remotely. The attack requires a high level of complexity. The exploitation appears to be difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance. | 1.3 | 无 | 2026-07-18 | 2026-07-18 |
| CVE-2025-71392 | SurrealDB before 2.0.5, 2.1.x before 2.1.5, and 2.2.x before 2.2.2 fails to properly escape table and field names in the command-line export command. An authenticated System User with OWNER or EDITOR roles can create tables or fields with malicious names containing SurrealQL. When a higher-privileged user subsequently imports the exported backup, the injected SurrealQL executes, enabling privilege escalation and root-level takeover of the SurrealDB instance. Applications that let users define cu | 9.4 | 无 | 2026-07-18 | 2026-07-18 |
| CVE-2026-30623 | LiteLLM 1.18.10 contains a remote code execution vulnerability in its MCP server creation functionality. The application allows users to add MCP servers via a JSON configuration specifying arbitrary command and args values. LiteLLM executes these values on the host without validation, enabling attackers to run arbitrary operating system commands. Successful exploitation may result in remote code execution with the privileges of the LiteLLM process. | 9.8 | 0.94% | 2026-07-15 | 2026-07-16 |
| CVE-2025-65720 | An issue in Open Source GPT Researcher v3.3.7 allows attackers to execute arbitrary commands on a victim system via user interaction with a crafted HTML page. | 9.8 | 0.72% | 2026-07-15 | 2026-07-16 |
| CVE-2026-46709 | Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.234, Tabby inserts dropped file paths from tabby-electron/src/pathDrop.ts into the active shell without neutralizing command substitution metacharacters such as $(…) and `…`, so the incomplete CVE-2026-45038 fix for control characters still allows code execution when the victim presses Enter. This issue is fixed in version 1.0.234. | 7.8 | 0.15% | 2026-07-15 | 2026-07-16 |
| CVE-2026-56197 | Improper neutralization of special elements used in a command ('command injection') in Windows Admin Center allows an authorized attacker to execute code over a network. | 8.8 | 0.92% | 2026-07-14 | 2026-07-15 |
| CVE-2026-55145 | Improper neutralization of special elements used in a command ('command injection') in Outlook Copilot allows an authorized attacker to perform tampering over a network. | 6.3 | 0.37% | 2026-07-14 | 2026-07-14 |
| CVE-2026-50488 | Improper neutralization of special elements used in a command ('command injection') in Windows Clipboard User Service allows an authorized attacker to elevate privileges locally. | 7.8 | 0.57% | 2026-07-14 | 2026-07-15 |
| CVE-2026-58635 | Improper neutralization of special elements used in a command ('command injection') in Windows Narrator Braille allows an authorized attacker to elevate privileges locally. | 7.8 | 0.22% | 2026-07-14 | 2026-07-16 |
| CVE-2026-50520 | Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code allows an unauthorized attacker to execute code locally. | 8.4 | 0.25% | 2026-07-14 | 2026-07-16 |
| CVE-2026-48561 | Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to execute code over a network. | 9.6 | 0.75% | 2026-07-14 | 2026-07-16 |
| CVE-2026-15669 | A vulnerability was found in louisho5 picobot up to 0.2.0. This issue affects the function ExecTool.Execute of the file internal/agent/tools/exec.go of the component exec Tool. The manipulation results in os command injection. The attack requires a local approach. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet. | 1.9 | 0.62% | 2026-07-14 | 2026-07-14 |
| CVE-2026-22103 | The NPC start endpoint on the web server at port 8090 is vulnerable to command injection. | 9.3 | 1.31% | 2026-07-13 | 2026-07-13 |
| CVE-2026-22095 | The network diagnosis endpoint on the web server at port 8090 is vulnerable to command injection. | 9.3 | 0.98% | 2026-07-13 | 2026-07-13 |
| CVE-2026-15547 | A weakness has been identified in Shibby Tomato up to 1.28.0000. This affects the function sub_2D048 of the component CIFS Mount Handler. Executing a manipulation of the argument cifs1/cifs2 can lead to os command injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. This project is superseded by FreshTomato. | 2.1 | 1.05% | 2026-07-13 | 2026-07-13 |
| CVE-2026-15546 | A security flaw has been discovered in Shibby Tomato up to 1.28.0000. Affected by this issue is the function sub_2D568 of the component start_jffs2. Performing a manipulation of the argument jffs2_exec results in os command injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. This project is superseded by FreshTomato. | 2.1 | 1.05% | 2026-07-13 | 2026-07-13 |
| CVE-2026-15513 | A security flaw has been discovered in Wavlink WL-NU516U1 260515. This affects the function wlink_uci_set_value of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument lan_ip results in os command injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. You should upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affect | 2.1 | 1.42% | 2026-07-12 | 2026-07-13 |
| CVE-2026-15511 | A vulnerability was determined in Comfast CF-WR631AX V3 up to 2.7.0.8. Affected by this vulnerability is the function system_wl_upload_pic_file of the file /usr/bin/webmgnt of the component FastCGI Backend. This manipulation of the argument filename causes os command injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. | 8.9 | 2.69% | 2026-07-12 | 2026-07-14 |
| CVE-2026-15496 | A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command injection. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. This vulnerability only | 2.1 | 1.16% | 2026-07-12 | 2026-07-13 |
| CVE-2026-15495 | A vulnerability has been found in SonicCloudOrg sonic-agent up to 2.7.2. The affected element is an unknown function of the file AndroidWSServer.java of the component Android WebSocket Server. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. This vulnerability only affects products that are no | 2.1 | 1.54% | 2026-07-12 | 2026-07-15 |