Remote Code Execution

⚔️ Attack Types Related 19
slug: rce

Explanation

RCE (Remote Code Execution) は「攻撃者が遠隔から、サーバー上で任意のプログラムを実行できる」最も深刻な脆弱性です。 これが成立すると、サーバー全体が乗っ取られ、データ全削除・暗号通貨マイニング・ランサムウェア感染・他社攻撃の踏み台化など何でもされます。 セキュリティ業界では「最悪レベル」「最優先で塞ぐべき」と扱われます。
📌 Example
Log4Shell (CVE-2021-44228), Heartbleed (CVE-2014-0160) の後継 OpenSSL系, MOVEit Transfer (CVE-2023-34362) など。被害規模は数千億円〜兆円単位。

🔖 Related tags

🛡 Vulnerabilities tagged with this 1,234

ID Title
CVE-2026-4480 OS Command Injection in redhat (CVE-2026-4480)
CVE-2026-45247 KEV [KEV] Unsafe Deserialization in Mirasvit full-page-cache-warmer (CVE-2026-45247)
CVE-2026-42785 Code Injection in CVE-2026-42785 (CVE-2026-42785)
CVE-2026-40034 Command Injection in gix (CVE-2026-40034)
CVE-2026-40033 Vulnerability in freerdp (CVE-2026-40033)
CVE-2026-4372 Unsafe Deserialization in transformers (CVE-2026-4372)
CVE-2026-3515 Vulnerability in prefect (CVE-2026-3515)
CVE-2018-25357 Code Injection in dolibarr/dolibarr (CVE-2018-25357)
CVE-2026-44417 Vulnerability in org.apache.cxf:cxf-rt-transports-jms (CVE-2026-44417)
CVE-2026-47125 Vulnerability in github.com/getarcaneapp/arcane/backend (CVE-2026-47125)
CVE-2026-9264 Vulnerability in CVE-2026-9264 (CVE-2026-9264)
CVE-2026-6960 Unrestricted File Upload in wordpress (CVE-2026-6960)
CVE-2026-8421 Cross-Site Request Forgery (CSRF) in concrete5/concrete5 (CVE-2026-8421)
CVE-2026-8426 Cross-Site Request Forgery (CSRF) in concrete5/concrete5 (CVE-2026-8426)
CVE-2026-8135 Unsafe Deserialization in concrete5/concrete5 (CVE-2026-8135)
CVE-2026-8134 Vulnerability in concrete5/concrete5 (CVE-2026-8134)
CVE-2026-46517 Code Injection in lmdeploy (CVE-2026-46517)
CVE-2026-2740 Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus before 6264 and...
CVE-2026-5433 Vulnerability in CVE-2026-5433 (CVE-2026-5433)
CVE-2026-6279 Vulnerability in wordpress (CVE-2026-6279)
CVE-2026-9102 Path Traversal in path-traversal (CVE-2026-9102)
CVE-2026-39311 Cross-Site Scripting (XSS) in CVE-2026-39311 (CVE-2026-39311)
CVE-2026-8467 Code Injection in phoenix_storybook (CVE-2026-8467)
CVE-2026-33278 Use-After-Free in dos (CVE-2026-33278)
CVE-2026-6555 Unrestricted File Upload in wordpress (CVE-2026-6555)
CVE-2026-35593 Path Traversal in CVE-2026-35593 (CVE-2026-35593)
CVE-2026-34234 OS Command Injection in CVE-2026-34234 (CVE-2026-34234)
CVE-2026-34216 Vulnerability in CVE-2026-34216 (CVE-2026-34216)
CVE-2026-6009 Unsafe Deserialization in CVE-2026-6009 (CVE-2026-6009)
CVE-2026-33633 Vulnerability in dos (CVE-2026-33633)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →