CWE-9421 advisories

Code Injection

What it is

Untrusted input reaches an interpreter (eval, template, deserializer), letting an attacker run arbitrary code.

How to fix it

Patch the package and remove dynamic evaluation of user input.

How to avoid it

Never pass user input to eval/exec/templating engines; use safe, data-only APIs.

Known Code Injection vulnerabilities

AI-COPILOT-CAMOLEAK-2025 — critical · GitHub Copilot/GitHub Copilot Chat
GHSA-CXM3-WV7P-598C — critical · npm/nx, @nx/devkit, @nx/js, @nx/workspace, @nx/node, @nx/eslint · exploited
CVE-2025-54135 — high · Cursor/Cursor AI code editor
AI-AMAZON-Q-WIPER-2025 — high · Amazon Q/Amazon Q Developer Extension for VS Code · exploited
CVE-2025-54132 — high · AI coding/AI coding agents (Cursor, GitHub Copilot, Claude Code, Windsurf) · exploited
CVE-2025-1974 — critical · Kubernetes/ingress-nginx (Ingress-NGINX Controller for Kubernetes)
AI-RULES-FILE-BACKDOOR-2025 — high · Cursor/GitHub Copilot / Cursor rules files
AI-HUGGINGFACE-NULLIFAI-2025 — high · AI coding/Hugging Face ML models (Pickle)
AI-MEMORY-POISONING-2024 — high · LLM security/Agent memory poisoning · exploited
CVE-2024-5565 — high · Vanna.AI/vanna · exploited
CVE-2023-29374 — critical · LangChain/langchain · exploited
AI-REMOTELI-BOT-2022 — high · Twitter/X/remoteli.io GPT-3 Twitter bot · exploited
SC-PPE-CICDSEC4-2022 — critical · CI/CD/Poisoned Pipeline Execution (PPE) · exploited
CVE-2022-30190 — high · Windows/Microsoft Windows Support Diagnostic Tool (MSDT) · exploited
CVE-2022-22965 — critical · Maven/org.springframework.boot:spring-boot-starter-webflux · exploited
CVE-2022-22965 — critical · Maven/org.springframework:spring-webflux · exploited
CVE-2022-22965 — critical · Maven/org.springframework.boot:spring-boot-starter-web · exploited
CVE-2022-22965 — critical · Maven/org.springframework:spring-webmvc · exploited
CVE-2022-22965 — critical · Maven/org.springframework:spring-beans · exploited
SC-GHA-SCRIPT-INJECTION-2020 — high · CI/CD · GitHub Actions/GitHub Actions workflows
APPSEC-SSTI — critical · Web app/Server-Side Template Injection · exploited

Stateward flags Code Injection in your own code and dependencies on every pull request.

Scan my repo

Summarize with AI

ChatGPT Claude Perplexity

Sources: CISA KEV (public domain), OSV.dev & GitHub Advisory Database (CC-BY-4.0), FIRST EPSS, NVD/CWE (public domain). Served live from the Stateward advisory database.