Remote Code Execution

⚔️ Attack Types Related 19
slug: rce

Explanation

RCE (Remote Code Execution) は「攻撃者が遠隔から、サーバー上で任意のプログラムを実行できる」最も深刻な脆弱性です。 これが成立すると、サーバー全体が乗っ取られ、データ全削除・暗号通貨マイニング・ランサムウェア感染・他社攻撃の踏み台化など何でもされます。 セキュリティ業界では「最悪レベル」「最優先で塞ぐべき」と扱われます。
📌 Example
Log4Shell (CVE-2021-44228), Heartbleed (CVE-2014-0160) の後継 OpenSSL系, MOVEit Transfer (CVE-2023-34362) など。被害規模は数千億円〜兆円単位。

🔖 Related tags

🛡 Vulnerabilities tagged with this 1,234

ID Title
CVE-2026-31072 Unsafe Deserialization in apscheduler (CVE-2026-31072)
CVE-2026-2587 Vulnerability in org.glassfish.main.admingui:admingui (CVE-2026-2587)
CVE-2026-2586 Code Injection in org.glassfish.main.admingui:console-common (CVE-2026-2586)
CVE-2026-45721 Vulnerability in github.com/xyproto/algernon (CVE-2026-45721)
CVE-2026-47323 Vulnerability in org.apache.camel:camel-cxf-rest (CVE-2026-47323)
CVE-2026-42099 Vulnerability in sparxsystems (CVE-2026-42099)
CVE-2026-4883 Unrestricted File Upload in wordpress (CVE-2026-4883)
CVE-2026-8727 Unsafe Deserialization in tomasnorre/crawler (CVE-2026-8727)
CVE-2026-46725 Unsafe Deserialization in mmc/ceselector (CVE-2026-46725)
CVE-2026-45434 Authentication Bypass in apache (CVE-2026-45434)
CVE-2026-4885 Unrestricted File Upload in wordpress (CVE-2026-4885)
CVE-2026-27648 in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre...
CVE-2026-24792 in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre...
CVE-2026-27891 FacturaScripts is an open source accounting and invoicing software. Versions 2026 and below contain a critical vulnerability in the Plugins::add() function. The system fails to properly validate the f...
CVE-2026-26978 Unsafe Deserialization in CVE-2026-26978 (CVE-2026-26978)
CVE-2026-45495 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2026-26462 Vulnerability in CVE-2026-26462 (CVE-2026-26462)
CVE-2026-45135 Vulnerability in github.com/caddyserver/caddy/v2 (CVE-2026-45135)
CVE-2026-7304 Unsafe Deserialization in sglang (CVE-2026-7304)
CVE-2026-7301 Unsafe Deserialization in sglang (CVE-2026-7301)
CVE-2026-6902 Code Injection in CVE-2026-6902 (CVE-2026-6902)
CVE-2026-8507 Out-of-Bounds Write in CVE-2026-8507 (CVE-2026-8507)
CVE-2018-25332 Vulnerability in gitbucket (CVE-2018-25332)
CVE-2018-25324 Vulnerability in wordpress (CVE-2018-25324)
CVE-2021-47976 Cross-Site Request Forgery (CSRF) in csrf (CVE-2021-47976)
CVE-2021-47952 Code Injection in deserialization (CVE-2021-47952)
CVE-2020-37227 Unrestricted File Upload in CVE-2020-37227 (CVE-2020-37227)
CVE-2026-46703 Path Traversal in boxlite (CVE-2026-46703)
CVE-2025-67031 Code Injection in CVE-2025-67031 (CVE-2025-67031)
CVE-2026-44826 Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.2, Vvveb CMS does not validate the sign of the quantity parameter on the cart-add...

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →