Remote Code Execution

⚔️ Attack Types Related 19
slug: rce

Explanation

RCE (Remote Code Execution) は「攻撃者が遠隔から、サーバー上で任意のプログラムを実行できる」最も深刻な脆弱性です。 これが成立すると、サーバー全体が乗っ取られ、データ全削除・暗号通貨マイニング・ランサムウェア感染・他社攻撃の踏み台化など何でもされます。 セキュリティ業界では「最悪レベル」「最優先で塞ぐべき」と扱われます。
📌 Example
Log4Shell (CVE-2021-44228), Heartbleed (CVE-2014-0160) の後継 OpenSSL系, MOVEit Transfer (CVE-2023-34362) など。被害規模は数千億円〜兆円単位。

🔖 Related tags

🛡 Vulnerabilities tagged with this 1,235

ID Title
CVE-2026-1829 The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code...
CVE-2026-0611 Vulnerability in csharp (CVE-2026-0611)
CVE-2026-47117 Code Injection in openmed (CVE-2026-47117)
CVE-2026-7313 CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from...
CVE-2026-7195 CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x,...
CVE-2026-39552 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
CVE-2026-39553 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
CVE-2025-68886 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
CVE-2026-34906 Vulnerability in CVE-2026-34906 (CVE-2026-34906)
CVE-2026-9319 Unsafe Deserialization in deserialization (CVE-2026-9319)
CVE-2026-9311 Code Injection in ibm (CVE-2026-9311)
CVE-2026-9330 Unsafe Deserialization in deserialization (CVE-2026-9330)
CVE-2026-49121 Unsafe Deserialization in amd (CVE-2026-49121)
CVE-2026-7770 Vulnerability in CVE-2026-7770 (CVE-2026-7770)
CVE-2026-8931 Code Injection in CVE-2026-8931 (CVE-2026-8931)
CVE-2026-0826 Vulnerability in CVE-2026-0826 (CVE-2026-0826)
CVE-2026-10532 Unsafe Deserialization in ch.qos.logback:logback-core (CVE-2026-10532)
CVE-2026-7858 Unsafe Deserialization in deserialization (CVE-2026-7858)
CVE-2026-42359 Unsafe Deserialization in apache-airflow (CVE-2026-42359)
CVE-2024-21182 KEV Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
CVE-2018-25412 Vulnerability in deltasql-project (CVE-2018-25412)
CVE-2026-7465 Privilege Escalation in wordpress (CVE-2026-7465)
CVE-2026-44421 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs....
CVE-2026-49373 Vulnerability in jetbrains (CVE-2026-49373)
CVE-2026-49367 In JetBrains IntelliJ IDEA before 2026.1.1 command execution was possible via the guest user account
CVE-2026-45661 Path Traversal in path-traversal (CVE-2026-45661)
CVE-2026-45632 OS Command Injection in CVE-2026-45632 (CVE-2026-45632)
CVE-2026-45668 Path Traversal in path-traversal (CVE-2026-45668)
CVE-2026-10042 Unsafe Deserialization in deserialization (CVE-2026-10042)
CVE-2026-39292 Unrestricted File Upload in CVE-2026-39292 (CVE-2026-39292)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →