VariantIncomplete
CWE-95Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
Category: injection
Description
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call (e.g. "eval").
Common consequences· 5
- Confidentiality — Read Files or Directories, Read Application DataThe injected code could access restricted data / files.
- Access Control — Bypass Protection MechanismIn some cases, injectable code controls authentication; this may lead to a remote vulnerability.
- Access Control — Gain Privileges or Assume IdentityInjected code can access resources that the attacker is directly prevented from accessing.
- Integrity / Confidentiality / Availability / Other — Execute Unauthorized Code or CommandsCode injection attacks can lead to loss of data integrity in nearly all cases as the control-plane data injected is always incidental to data recall or writing. Additionally, code injection can often result in the execution of arbitrary code or at least modify what code can be executed.
- Non-Repudiation — Hide ActivitiesOften the actions performed by injected control code are unlogged.
Potential mitigations· 4
- [Architecture and Design, Implementation]If possible, refactor your code so that it does not need to use eval() at all.
- [Implementation]
- [Implementation]
- [Implementation]
Related CAPEC attack patterns· 1
References
Exploits (incoming)1
| Type | Target | Confidence | Tier |
|---|---|---|---|
| AttackPattern | Leverage Executable Code in Non-Executable Filescapec-35 | 100% | live |
(incoming)42
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Vulnerability | XWiki Platform Eval Injection Vulnerabilitycve-2025-24893 | 0% | live |
| Vulnerability | CVE-2025-26845cve-2025-26845 | 0% | live |
| Vulnerability | CVE-2025-27603cve-2025-27603 | 0% | live |
| Vulnerability | CVE-2025-40943cve-2025-40943 | 0% | live |
| Vulnerability | CVE-2025-49013cve-2025-49013 | 0% | live |
| Vulnerability | CVE-2025-50187cve-2025-50187 | 0% | live |
| Vulnerability | CVE-2025-54322cve-2025-54322 | 0% | live |
| Vulnerability | CVE-2025-55727cve-2025-55727 | 0% | live |
| Vulnerability | CVE-2025-55728cve-2025-55728 | 0% | live |
| Vulnerability | CVE-2025-61955cve-2025-61955 | 0% | live |
| Vulnerability | CVE-2025-64496cve-2025-64496 | 0% | live |
| Vulnerability | CVE-2025-65530cve-2025-65530 | 0% | live |
| Vulnerability | CVE-2025-66474cve-2025-66474 | 0% | live |
| Vulnerability | CVE-2025-68271cve-2025-68271 | 0% | live |
| Vulnerability | CVE-2025-8420cve-2025-8420 | 0% | live |
| Vulnerability | CVE-2026-0769cve-2026-0769 | 0% | live |
| Vulnerability | CVE-2026-0863cve-2026-0863 | 0% | live |
| Vulnerability | CVE-2026-1470cve-2026-1470 | 0% | live |
| Vulnerability | CVE-2026-23885cve-2026-23885 | 0% | live |
| Vulnerability | CVE-2026-27493cve-2026-27493 | 0% | live |
| Vulnerability | CVE-2026-27702cve-2026-27702 | 0% | live |
| Vulnerability | CVE-2026-28370cve-2026-28370 | 0% | live |
| Vulnerability | CVE-2026-28505cve-2026-28505 | 0% | live |
| Vulnerability | CVE-2026-29091cve-2026-29091 | 0% | live |
| Vulnerability | Langflow Code Injection Vulnerabilitycve-2026-33017 | 0% | live |
| Vulnerability | CVE-2026-33618cve-2026-33618 | 0% | live |
| Vulnerability | CVE-2026-35002cve-2026-35002 | 0% | live |
| Vulnerability | CVE-2026-4001cve-2026-4001 | 0% | live |
| Vulnerability | CVE-2026-40316cve-2026-40316 | 0% | live |
| Vulnerability | CVE-2026-42079cve-2026-42079 | 0% | live |
Showing top 30 of 42 by confidence. Click any target to see the full neighbourhood.
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.