Remote Code Execution

⚔️ Attack Types Related 19
slug: rce

Explanation

RCE (Remote Code Execution) は「攻撃者が遠隔から、サーバー上で任意のプログラムを実行できる」最も深刻な脆弱性です。 これが成立すると、サーバー全体が乗っ取られ、データ全削除・暗号通貨マイニング・ランサムウェア感染・他社攻撃の踏み台化など何でもされます。 セキュリティ業界では「最悪レベル」「最優先で塞ぐべき」と扱われます。
📌 Example
Log4Shell (CVE-2021-44228), Heartbleed (CVE-2014-0160) の後継 OpenSSL系, MOVEit Transfer (CVE-2023-34362) など。被害規模は数千億円〜兆円単位。

🔖 Related tags

🛡 Vulnerabilities tagged with this 1,234

ID Title
CVE-2026-50223 Code Injection in apache (CVE-2026-50223)
CVE-2026-2049 Vulnerability in CVE-2026-2049 (CVE-2026-2049)
CVE-2026-46529 Command Injection in c (CVE-2026-46529)
CVE-2026-20251 Unsafe Deserialization in deserialization (CVE-2026-20251)
CVE-2026-45556 Vulnerability in nginx (CVE-2026-45556)
CVE-2026-45558 Vulnerability in c (CVE-2026-45558)
CVE-2026-52751 Unsafe Deserialization in deserialization (CVE-2026-52751)
CVE-2026-11815 Unsafe Deserialization in CVE-2026-11815 (CVE-2026-11815)
CVE-2026-44963 Unsafe Deserialization in CVE-2026-44963 (CVE-2026-44963)
CVE-2026-48306 Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write...
CVE-2026-48305 Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write...
CVE-2026-47907 Dreamweaver Desktop versions 21.7 and earlier are affected by an Improper Access Control...
CVE-2026-47906 Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third...
CVE-2026-47908 Dreamweaver Desktop versions 21.7 and earlier are affected by an Access of Uninitialized Pointer...
CVE-2026-34709 Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write...
CVE-2026-34710 Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write...
CVE-2026-36723 Path Traversal in path-traversal (CVE-2026-36723)
CVE-2026-45447 Use-After-Free in openssl (CVE-2026-45447)
CVE-2026-49959 OS Command Injection in CVE-2026-49959 (CVE-2026-49959)
CVE-2026-10520 KEV [KEV] OS Command Injection in Ivanti standalone-sentry (CVE-2026-10520)
CVE-2026-9279 OS Command Injection in CVE-2026-9279 (CVE-2026-9279)
CVE-2026-49740 Unsafe Deserialization in typo3/cms-core (CVE-2026-49740)
CVE-2026-8365 Unsafe Deserialization in wordpress (CVE-2026-8365)
CVE-2026-45034 Unsafe Deserialization in phpoffice/phpspreadsheet (CVE-2026-45034)
CVE-2026-40519 OS Command Injection in nginx (CVE-2026-40519)
CVE-2026-25559 Path Traversal in path-traversal (CVE-2026-25559)
CVE-2026-25856 Code Injection in c (CVE-2026-25856)
CVE-2026-25855 OS Command Injection in CVE-2026-25855 (CVE-2026-25855)
CVE-2026-11483 A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0. This...
CVE-2024-58348 Unrestricted File Upload in wordpress (CVE-2024-58348)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →