Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: rce Clear
ID Title
CVE-2026-57517 SQL Injection in sqli (CVE-2026-57517)
SQL injection in sqli (CVE-2026-57517). Successful exploitation can lead to full system takeover.
CVE-2026-57516 Unsafe Deserialization in deserialization (CVE-2026-57516)
vulnerability in deserialization (CVE-2026-57516). Successful exploitation can lead to full system takeover.
CVE-2026-23537 Vulnerability in dos (CVE-2026-23537)
vulnerability in dos (CVE-2026-23537). Data can be tampered with by attackers.
CVE-2026-8387 Vulnerability in path-traversal (CVE-2026-8387)
vulnerability in path-traversal (CVE-2026-8387). Risk of unauthorized operations or information disclosure.
CVE-2026-7838 Vulnerability in cpp (CVE-2026-7838)
vulnerability in cpp (CVE-2026-7838). Successful exploitation can lead to full system takeover.
CVE-2026-58449 Code Injection in CVE-2026-58449 (CVE-2026-58449)
code injection in CVE-2026-58449 (CVE-2026-58449). Successful exploitation can lead to full system takeover.
CVE-2026-13759 Unsafe Deserialization in ibm (CVE-2026-13759)
vulnerability in ibm (CVE-2026-13759). Successful exploitation can lead to full system takeover.
CVE-2026-13773 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-13773)
SSRF in ssrf (CVE-2026-13773). Risk of unauthorized operations or information disclosure.
CVE-2026-58138 Code Injection in CVE-2026-58138 (CVE-2026-58138)
code injection in CVE-2026-58138 (CVE-2026-58138). Successful exploitation can lead to full system takeover.
CVE-2026-10109 Code Injection in ibm (CVE-2026-10109)
code injection in ibm (CVE-2026-10109). Successful exploitation can lead to full system takeover.
CVE-2026-58169 Vulnerability in CVE-2026-58169 (CVE-2026-58169)
vulnerability in CVE-2026-58169 (CVE-2026-58169). Successful exploitation can lead to full system takeover. Exploitable via `Host header`.
CVE-2026-58116 Code Injection in hiyouga (CVE-2026-58116)
code injection in hiyouga (CVE-2026-58116). Successful exploitation can lead to full system takeover.
CVE-2026-53691 Unrestricted File Upload in CVE-2026-53691 (CVE-2026-53691)
vulnerability in CVE-2026-53691 (CVE-2026-53691). Risk of unauthorized operations or information disclosure.
CVE-2026-12240 Unsafe Deserialization in wordpress (CVE-2026-12240)
vulnerability in wordpress (CVE-2026-12240). Successful exploitation can lead to full system takeover.
CVE-2026-34597 OS Command Injection in CVE-2026-34597 (CVE-2026-34597)
OS command injection in CVE-2026-34597 (CVE-2026-34597). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.0.0-beta.470` or later.
CVE-2026-34594 OS Command Injection in CVE-2026-34594 (CVE-2026-34594)
OS command injection in CVE-2026-34594 (CVE-2026-34594). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.0.0-beta.471` or later.
CVE-2026-57950 ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control...
ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control...
CVE-2026-56285 Nitter's /video media proxy endpoint fails to validate target URLs against Twitter/X domains and...
Nitter's /video media proxy endpoint fails to validate target URLs against Twitter/X domains and...
CVE-2026-56290 KEV [KEV] Unrestricted File Upload in Joomlack page-builder-ck (CVE-2026-56290)
vulnerability in Joomlack page-builder-ck (CVE-2026-56290). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-40521 Path Traversal in path-traversal (CVE-2026-40521)
path traversal in path-traversal (CVE-2026-40521). Successful exploitation can lead to full system takeover.
CVE-2026-13165 Unrestricted File Upload in CVE-2026-13165 (CVE-2026-13165)
vulnerability in CVE-2026-13165 (CVE-2026-13165). Risk of unauthorized operations or information disclosure.
CVE-2026-58049 FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) performs 32-bit reads and writes...
FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) performs 32-bit reads and writes...
CVE-2026-49869 OS Command Injection in kestra (CVE-2026-49869)
OS command injection in kestra (CVE-2026-49869). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.0.45` or later.
CVE-2026-32833 OS Command Injection in CVE-2026-32833 (CVE-2026-32833)
OS command injection in CVE-2026-32833 (CVE-2026-32833). Successful exploitation can lead to full system takeover.
CVE-2026-52780 Vulnerability in CVE-2026-52780 (CVE-2026-52780)
vulnerability in CVE-2026-52780 (CVE-2026-52780). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `17.3.3` or later.
CVE-2026-48090 Use-After-Free in dos (CVE-2026-48090)
vulnerability in dos (CVE-2026-48090). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.37.5` or later.
CVE-2026-57518 Vulnerability in privilege-escalation (CVE-2026-57518)
vulnerability in privilege-escalation (CVE-2026-57518). Successful exploitation can lead to full system takeover.
CVE-2026-0685 Vulnerability in CVE-2026-0685 (CVE-2026-0685)
vulnerability in CVE-2026-0685 (CVE-2026-0685). Successful exploitation can lead to full system takeover.
CVE-2026-48706 Vulnerability in envoyproxy (CVE-2026-48706)
vulnerability in envoyproxy (CVE-2026-48706). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.13` or later.
CVE-2026-57315 Contributor Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.45 versions.
Contributor Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.45 versions.
CVE-2025-71338 Vulnerability in path-traversal (CVE-2025-71338)
vulnerability in path-traversal (CVE-2025-71338). Successful exploitation can lead to full system takeover.
CVE-2025-71336 OS Command Injection in flowiseai (CVE-2025-71336)
OS command injection in flowiseai (CVE-2025-71336). Successful exploitation can lead to full system takeover.
CVE-2025-71334 Vulnerability in flowiseai (CVE-2025-71334)
vulnerability in flowiseai (CVE-2025-71334). Successful exploitation can lead to full system takeover.
CVE-2025-71333 Vulnerability in path-traversal (CVE-2025-71333)
vulnerability in path-traversal (CVE-2025-71333). Successful exploitation can lead to full system takeover.
CVE-2026-56766 Vulnerability in CVE-2026-56766 (CVE-2026-56766)
vulnerability in CVE-2026-56766 (CVE-2026-56766). Successful exploitation can lead to full system takeover.
CVE-2026-54088 OS Command Injection in CVE-2026-54088 (CVE-2026-54088)
OS command injection in CVE-2026-54088 (CVE-2026-54088). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.63.6` or later.
CVE-2026-50548 Path Traversal in anysphere (CVE-2026-50548)
path traversal in anysphere (CVE-2026-50548). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.0` or later.
CVE-2026-50549 Vulnerability in anysphere (CVE-2026-50549)
vulnerability in anysphere (CVE-2026-50549). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.0` or later.
CVE-2026-55413 Code Injection in CVE-2026-55413 (CVE-2026-55413)
code injection in CVE-2026-55413 (CVE-2026-55413). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.20.178-lts` or later.
CVE-2026-56049 Contributor Remote Code Execution (RCE) in Post Snippets <= 4.0.19 versions.
Contributor Remote Code Execution (RCE) in Post Snippets <= 4.0.19 versions.
CVE-2026-54823 Contributor Remote Code Execution (RCE) in Widget Options <= 4.2.3 versions.
Contributor Remote Code Execution (RCE) in Widget Options <= 4.2.3 versions.
CVE-2026-41120 Vulnerability in dell (CVE-2026-41120)
vulnerability in dell (CVE-2026-41120). Successful exploitation can lead to full system takeover.
CVE-2026-49506 Path Traversal in path-traversal (CVE-2026-49506)
path traversal in path-traversal (CVE-2026-49506). Successful exploitation can lead to full system takeover.
CVE-2026-12244 Vulnerability in nlnetlabs (CVE-2026-12244)
vulnerability in nlnetlabs (CVE-2026-12244). Successful exploitation can lead to full system takeover.
CVE-2026-9786 SQL Injection in sqli (CVE-2026-9786)
SQL injection in sqli (CVE-2026-9786). Successful exploitation can lead to full system takeover.
CVE-2026-9783 SQL Injection in sqli (CVE-2026-9783)
SQL injection in sqli (CVE-2026-9783). Successful exploitation can lead to full system takeover.
CVE-2026-9785 SQL Injection in sqli (CVE-2026-9785)
SQL injection in sqli (CVE-2026-9785). Successful exploitation can lead to full system takeover.
CVE-2026-9784 SQL Injection in sqli (CVE-2026-9784)
SQL injection in sqli (CVE-2026-9784). Successful exploitation can lead to full system takeover.
CVE-2026-9787 OS Command Injection in quest (CVE-2026-9787)
OS command injection in quest (CVE-2026-9787). Successful exploitation can lead to full system takeover.
CVE-2026-9772 OS Command Injection in unraid (CVE-2026-9772)
OS command injection in unraid (CVE-2026-9772). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →