CWE-7710 advisories

Command Injection

What it is

Untrusted input is used to construct a command, letting an attacker inject additional commands.

How to fix it

Patch and pass arguments as data, not concatenated command strings.

How to avoid it

Use parameterized command APIs and validate every input against an allow-list.

Known Command Injection vulnerabilities

AI-GROK-BANKR-WALLET-2026 — critical · Twitter/X/Grok (xAI) + Bankrbot crypto agent on X · exploited
AI-FORCEDLEAK-AGENTFORCE-2025 — critical · Salesforce Agentforce/Salesforce Agentforce (Web-to-Lead) · exploited
AI-LENOVO-LENA-XSS-2025 — high · Lenovo/Lenovo 'Lena' GPT-4 customer-service chatbot · exploited
AI-GEMINI-INVITATION-PROMPTWARE-2025 — high · Google Gemini/Google Gemini (Calendar/Workspace integration) · exploited
CVE-2025-54132 — high · AI coding/AI coding agents (Cursor, GitHub Copilot, Claude Code, Windsurf) · exploited
AI-MCP-TOOL-POISONING-2025 — critical · MCP/MCP tool poisoning · exploited
AI-MEMORY-POISONING-2024 — high · LLM security/Agent memory poisoning · exploited
AI-LIVING-OFF-COPILOT-2024 — high · Microsoft Copilot/Living off Microsoft Copilot
AI-CHEVROLET-CHATBOT-2023 — medium · AI chatbot/Chevrolet of Watsonville ChatGPT chatbot · exploited
AI-REMOTELI-BOT-2022 — high · Twitter/X/remoteli.io GPT-3 Twitter bot · exploited

Stateward flags Command Injection in your own code and dependencies on every pull request.

Scan my repo

Summarize with AI

ChatGPT Claude Perplexity

Sources: CISA KEV (public domain), OSV.dev & GitHub Advisory Database (CC-BY-4.0), FIRST EPSS, NVD/CWE (public domain). Served live from the Stateward advisory database.