CVE-2014-6278CISA KEVEPSS p99.9%

CVE-2014-6278GNU Bash OS Command Injection Vulnerability

GNU / GNU Bash

Description

GNU Bash contains an OS command injection vulnerability which allows remote attackers to execute arbitrary commands via a crafted environment.

Scoring

EPSS99.62% probability of exploitation · percentile 99.9% · 2026-06-16T12:03:06Z

CISA KEV entry

Added to KEV: 2025-10-02

(incoming)1

TypeTargetConfidenceTier
KEVEntryGNU Bash OS Command Injection Vulnerabilitykev-cve-2014-62780%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
CVE
GNU InetUtils Argument Injection Vulnerability
CVE
CVE-2025-64128
CVE
Nagios XI OS Command Injection
CVE
CVE-2026-35386
CVE
PHP-CGI OS Command Injection Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.