Remote Code Execution

⚔️ Attack Types Related 19
slug: rce

Explanation

RCE (Remote Code Execution) は「攻撃者が遠隔から、サーバー上で任意のプログラムを実行できる」最も深刻な脆弱性です。 これが成立すると、サーバー全体が乗っ取られ、データ全削除・暗号通貨マイニング・ランサムウェア感染・他社攻撃の踏み台化など何でもされます。 セキュリティ業界では「最悪レベル」「最優先で塞ぐべき」と扱われます。
📌 Example
Log4Shell (CVE-2021-44228), Heartbleed (CVE-2014-0160) の後継 OpenSSL系, MOVEit Transfer (CVE-2023-34362) など。被害規模は数千億円〜兆円単位。

🔖 Related tags

🛡 Vulnerabilities tagged with this 1,235

ID Title
CVE-2026-0974 Vulnerability in wordpress (CVE-2026-0974)
CVE-2025-14009 Code Injection in nltk (CVE-2025-14009)
CVE-2026-22208 Vulnerability in CVE-2026-22208 (CVE-2026-22208)
CVE-2025-65480 OS Command Injection in CVE-2025-65480 (CVE-2025-65480)
CVE-2026-1615 Code Injection in CVE-2026-1615 (CVE-2026-1615)
CVE-2026-22778 Vulnerability in vllm (CVE-2026-22778)
CVE-2026-24881 Vulnerability in dos (CVE-2026-24881)
CVE-2025-15467 Out-of-Bounds Write in cisa (CVE-2025-15467)
CVE-2025-15059 Vulnerability in gimp (CVE-2025-15059)
CVE-2025-56005 Unsafe Deserialization in dabeaz (CVE-2025-56005)
CVE-2021-47839 Cross-Site Scripting (XSS) in CVE-2021-47839 (CVE-2021-47839)
CVE-2025-69262 pnpm is a package manager. Versions 6.25.0 through 10.26.2 have a Command Injection vulnerability when using environment variable substitution in .npmrc configuration files with tokenHelper settings....
CVE-2025-69264 Vulnerability in pnpm (CVE-2025-69264)
CVE-2025-11157 Unsafe Deserialization in CVE-2025-11157 (CVE-2025-11157)
CVE-2025-2155 Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade...
CVE-2023-53888 Code Injection in zomp (CVE-2023-53888)
CVE-2025-34291 KEV [KEV] Vulnerability in langflow (CVE-2025-34291)
CVE-2025-63258 Command Injection in CVE-2025-63258 (CVE-2025-63258)
CVE-2025-56399 Code Injection in laravel (CVE-2025-56399)
CVE-2025-55752 Vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752)
CVE-2025-54236 KEV [KEV] Vulnerability in Adobe commerce (CVE-2025-54236)
CVE-2025-57567 Code Injection in CVE-2025-57567 (CVE-2025-57567)
CVE-2025-60641 SQL Injection in sqli (CVE-2025-60641)
CVE-2025-56588 Code Injection in dolibarr (CVE-2025-56588)
CVE-2025-56513 Vulnerability in nicehash (CVE-2025-56513)
CVE-2020-36851 SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-36851)
CVE-2025-57819 KEV [KEV] SQL Injection in Sangoma freepbx (CVE-2025-57819)
CVE-2025-34162 SQL Injection in sqli (CVE-2025-34162)
CVE-2025-34163 Unrestricted File Upload in CVE-2025-34163 (CVE-2025-34163)
CVE-2025-71344 Unsafe Deserialization in picklescan (CVE-2025-71344)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →