Description
Executing commands or loading libraries from an untrusted source or in an untrusted environment can cause an application to execute malicious commands (and payloads) on behalf of an attacker.
Extended Description
Process control vulnerabilities take two forms:
CVE vulnerabilities with CWE-114 (26)
10.0
CVSS
CRITICAL
CVE-2025-36250
pub. 2025-11-13
10.0
CVSS
CRITICAL
CVE-2024-56346
pub. 2025-03-18
9.6
CVSS
CRITICAL
CVE-2025-36251
pub. 2025-11-13
9.6
CVSS
CRITICAL
CVE-2024-56347
pub. 2025-03-18
9.3
CVSS
CRITICAL
CVE-2025-1950
pub. 2025-04-22
9.2
CVSS
CRITICAL
CVE-2026-29046
pub. 2026-03-06
8.4
CVSS
HIGH
CVE-2024-25021
pub. 2024-02-22
8.2
CVSS
HIGH
CVE-2020-8107
pub. 2022-02-18
8.1
CVSS
HIGH
CVE-2025-0160
pub. 2025-02-28
8.1
CVSS
HIGH
CVE-2024-32004
pub. 2024-05-14
7.8
CVSS
HIGH
CVE-2025-23385
pub. 2025-01-28
7.8
CVSS
HIGH
CVE-2023-40299
pub. 2023-10-04
7.8
CVSS
HIGH
CVE-2023-4487
pub. 2023-09-05
7.8
CVSS
HIGH
CVE-2022-23748
pub. 2022-11-17🚩 CISA KEV⚡ EXPLOIT
7.8
CVSS
HIGH
CVE-2020-6024
pub. 2021-01-20
7.8
CVSS
HIGH
CVE-2019-8461
pub. 2019-08-29
7.7
CVSS
HIGH
CVE-2020-11075
pub. 2020-05-27
6.5
CVSS
MEDIUM
CVE-2020-6014
pub. 2020-11-02
6.4
CVSS
MEDIUM
CVE-2024-8207
pub. 2024-08-27
5.8
CVSS
MEDIUM
CVE-2021-25736
pub. 2023-10-30
Showing 20 of 26 vulnerabilities