Register
Login
Toggle navigation
SaaS Solutions
Vulnerability Intelligence
Vulnerability Management
Pricing
Vulnerabilities
Reports
Blog
Contact Us
Main
Vulnerability Database
CWE List
CWE-506 - Embedded Malicious Code
Description
The application contains code that is malicious in nature and allows an attacker to gain unauthorized access to the application or its component.
Latest vulnerabilities for CWE-506
Backdoor in reviewdog
2025-03-25
Critical
Yes
Zero Day
Embedded malicious code in tj-actions changed-files
2025-03-17
High
No
Zero Day
Public exploit
Usage of compromise version of polyfill.io in mitmproxy pdoc
2024-10-03
High
Yes
Backdoor in Justice AV Solutions Viewer software
2024-05-24
Critical
Yes
Zero Day
Embedded malicious code in XZ Utils
2024-04-01
Critical
No
Zero Day
Public exploit
Embedded malicious code in Ledger Connect Kit
2023-12-14
High
Yes
Zero Day
Backdoor in Gigabyte UEFI firmware
2023-06-01
Critical
Yes
Zero Day
Backdoor in 3CX Electron desktop app for Windows and Mac
2023-03-30
Critical
Yes
Zero Day
Hard-coded credentials in Questions For Confluence app for Confluence Server and Data Center
2022-07-25
Critical
Yes
Public exploit
Embedded malicious code (backdoor) in api-res-py package for PyPI
2022-06-13
High
No
References
Description of CWE-506 on Mitre website