CWE-78 - OS Command Injection - Cwe

Threat entity extracted from intelligence sources

Frequency
236
occurrences
First Seen
April 14, 2026
Last Seen
July 17, 2026

CWE-78 - OS Command Injection is a cwe tracked across 50 threat clusters and 236 intelligence report mentions on ThreatCluster. First observed April 14, 2026; most recent activity July 17, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • Comet Prompt Injection — brave.com · July 17, 2026
  • Google Mandiant warns of exposed serverless functions as attack vector — Feeds.Feedburner · July 16, 2026
  • Hardening serverless cloud functions against lateral movement and AI risks — Feeds.4Sysops · July 16, 2026
  • Ubuntu 16.04 Ruby Critical IMAP Injection Buffer Overflow USN-8556 — Linuxsecurity · July 16, 2026
  • USN-8556-1: Ruby vulnerabilities — Ubuntu · July 16, 2026
  • Remote Code Execution (RCE) in WordPress WP Ultimate CSV Importer Plugin — Patchstack · July 16, 2026
  • Zoom Fixes CVE-2026-53412, a Critical Account Takeover Bug — Securityaffairs · July 16, 2026
  • SonicWall SMA1000 vulnerabilities in active exploitation — Sophos · July 15, 2026

CVSS v3.1 Breakdown