Remote Code Execution

⚔️ Attack Types Related 19
slug: rce

Explanation

RCE (Remote Code Execution) は「攻撃者が遠隔から、サーバー上で任意のプログラムを実行できる」最も深刻な脆弱性です。 これが成立すると、サーバー全体が乗っ取られ、データ全削除・暗号通貨マイニング・ランサムウェア感染・他社攻撃の踏み台化など何でもされます。 セキュリティ業界では「最悪レベル」「最優先で塞ぐべき」と扱われます。
📌 Example
Log4Shell (CVE-2021-44228), Heartbleed (CVE-2014-0160) の後継 OpenSSL系, MOVEit Transfer (CVE-2023-34362) など。被害規模は数千億円〜兆円単位。

🔖 Related tags

🛡 Vulnerabilities tagged with this 1,235

ID Title
CVE-2024-58348 Unrestricted File Upload in wordpress (CVE-2024-58348)
CVE-2023-54350 Vulnerability in c (CVE-2023-54350)
CVE-2024-58349 Unrestricted File Upload in wordpress (CVE-2024-58349)
CVE-2023-54352 Vulnerability in wordpress (CVE-2023-54352)
CVE-2026-11462 A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22. This...
CVE-2026-11463 A vulnerability was determined in USCiLab Cereal up to 1.3.2. Affected is an unknown function of...
CVE-2026-7537 Unrestricted File Upload in wordpress (CVE-2026-7537)
CVE-2026-7654 Unsafe Deserialization in wordpress (CVE-2026-7654)
CVE-2026-11429 Path Traversal in path-traversal (CVE-2026-11429)
CVE-2026-46400 Unrestricted File Upload in CVE-2026-46400 (CVE-2026-46400)
CVE-2026-11420 Path Traversal in path-traversal (CVE-2026-11420)
CVE-2026-11419 Path Traversal in path-traversal (CVE-2026-11419)
CVE-2026-5411 The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the...
CVE-2026-46392 HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0 of HAX CMS PHP, the `saveFile` endpoint validates upload extensions case-insensitively and writes the filen...
CVE-2026-46394 OS Command Injection in CVE-2026-46394 (CVE-2026-46394)
CVE-2026-45746 Vulnerability in termix (CVE-2026-45746)
CVE-2026-10732 Vulnerability in path-traversal (CVE-2026-10732)
CVE-2026-7762 Vulnerability in dos (CVE-2026-7762)
CVE-2026-7763 Vulnerability in c (CVE-2026-7763)
CVE-2026-25550 Vulnerability in csharp (CVE-2026-25550)
CVE-2026-8037 Command Injection in CVE-2026-8037 (CVE-2026-8037)
CVE-2026-41065 Vulnerability in CVE-2026-41065 (CVE-2026-41065)
CVE-2026-45431 OS Command Injection in CVE-2026-45431 (CVE-2026-45431)
CVE-2026-41283 Authorization Flaw in CVE-2026-41283 (CVE-2026-41283)
CVE-2026-10777 A vulnerability was identified in ealpha072 Student-Management-System up to...
CVE-2026-44016 Code Injection in docling (CVE-2026-44016)
CVE-2026-44017 Path Traversal in docling (CVE-2026-44017)
CVE-2026-5241 Vulnerability in huggingface (CVE-2026-5241)
CVE-2026-49143 Code Injection in browserstack-runner (CVE-2026-49143)
CVE-2026-42211 React Router's vendored turbo-stream v2 allows arbitrary constructor invocation via TYPE_ERROR deserialization leading to Unauth RCE

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →