Remote Code Execution

Remote Code Execution (RCE) vulnerabilities allow an attacker to execute arbitrary code on a remote system without authorization. These are among the most severe vulnerabilities as they can lead to complete system compromise.

Total CVEs: 289
Typical Severity: CRITICAL
Category: Execution

Understanding Remote Code Execution

Remote Code Execution vulnerabilities represent the most critical class of security flaws. When exploited, they allow attackers to run arbitrary commands on a target system, often with the same privileges as the vulnerable application.

RCE vulnerabilities commonly arise from unsafe deserialization, command injection, or memory corruption bugs. They're frequently found in web applications, network services, and system utilities.

How to Identify

  • Look for input validation bypasses in file upload functionality
  • Check for unsafe deserialization of user-controlled data
  • Test command execution functions with special characters
  • Review template engines for server-side template injection

Prevention Best Practices

  • Use parameterized queries and prepared statements
  • Implement strict input validation and sanitization
  • Run applications with minimal privileges
  • Keep all software dependencies up to date
  • Use security headers and Content Security Policy

Remote Code Execution CVEs (289)

Description | Vendor / Product | Exploit Status

CVE-2026-28688 (5.3)

This vulnerability allows an attacker to potentially crash the ImageMagick software or execute arbitrary code by exploiting a flaw in how images are handled, specifically when a cloned image is improperly destroyed. It affects versions prior to 7.1.2-16 and 6.9.13-41, so users running older versions are at risk if they process untrusted image files.

imagemagick / imagemagick
Theoretical
29 days ago (Mar 10, 2026)

CVE-2026-28687 (5.3)

An attacker can exploit a flaw in ImageMagick's MSL file processing to access and manipulate freed memory, potentially leading to crashes or arbitrary code execution if they can get a user to open a specially crafted MSL file. This vulnerability affects versions before 7.1.2-16 and 6.9.13-41, so updating to these versions or later is essential for protection.

imagemagick / imagemagick
Theoretical
29 days ago (Mar 10, 2026)

CVE-2026-28686 (6.8)

This vulnerability allows an attacker to potentially execute malicious code on a system running vulnerable versions of ImageMagick by sending specially crafted PCL files, which can cause the software to crash or behave unexpectedly. To exploit this, the attacker needs access to a system where ImageMagick processes these files, making it important for users to update to the fixed versions to protect against this risk.

imagemagick / imagemagick
Theoretical
29 days ago (Mar 10, 2026)

CVE-2026-28494 (7.1)

This vulnerability allows an attacker to crash the ImageMagick software or potentially execute malicious code by sending specially crafted image processing requests that exceed the expected size limits. It affects versions prior to 7.1.2-16 and 6.9.13-41, so users running older versions are at risk if they process untrusted image data.

imagemagick / imagemagick
Exploit Available
29 days ago (Mar 10, 2026)

CVE-2026-28493 (6.5)

An attacker can exploit a vulnerability in ImageMagick to manipulate specially crafted images, potentially causing the software to crash or execute malicious code. This issue affects versions prior to 7.1.2-16, so updating to this version or later is essential to protect against it.

imagemagick / imagemagick
Theoretical
29 days ago (Mar 10, 2026)

CVE-2026-28433 (2.3)

This vulnerability allows an attacker to import other users' data from Misskey servers, but they need to know the specific ID of the file they want to access. While the risk is considered low, it still poses a potential privacy issue for users on affected versions of the platform.

misskey / misskey
Theoretical
29 days ago (Mar 10, 2026)

CVE-2026-28432 (7.1)

An attacker can bypass security checks that verify the authenticity of messages sent between Misskey servers, which could allow them to send fake or malicious content. This vulnerability affects all Misskey servers, regardless of whether they are set up to communicate with other servers or not, and it has been fixed in the latest version.

misskey / misskey
Exploit Available
29 days ago (Mar 10, 2026)

CVE-2026-28431 (9.2)

This vulnerability allows attackers to access sensitive data on Misskey servers that they shouldn't be able to see, potentially leading to a major data breach. It affects all versions from 8.45.0 up to, but not including, 2026.3.1, regardless of whether the server's federation feature is turned on.

misskey / misskey
Exploit Available
29 days ago (Mar 10, 2026)

CVE-2026-3038 (7.5)

This vulnerability allows an unprivileged user to crash the operating system by exploiting a flaw in the way routing information is handled, leading to a stack overflow. While the crash is a protective measure, it could potentially be bypassed by other vulnerabilities, allowing an attacker to gain higher privileges on the system.

Unknown
Exploit Available
30 days ago (Mar 9, 2026)

CVE-2026-21736 (4.4)

An attacker can exploit this vulnerability to gain unauthorized write access to protected memory areas, potentially allowing them to modify sensitive data. This can happen when the software is running as a non-privileged user and improperly handles memory protections, making it easier for attackers to manipulate the system.

imaginationtech / ddk
Exploit Available
30 days ago (Mar 9, 2026)

CVE-2026-3817 (5.5)

An attacker can gain unauthorized access to sensitive patient information by exploiting a flaw in the queue management system's patient search feature, which can be done remotely. This vulnerability requires no special access or credentials, making it easier for malicious users to take advantage of it.

pamzey / patients waiting area queue management system
Exploit Available
30 days ago (Mar 9, 2026)

CVE-2026-3812 (5.3)

This vulnerability allows an attacker to inject malicious scripts into the payroll management system, potentially compromising user data or session information. It can be exploited remotely by manipulating a specific part of the web application without needing special access or credentials.

angeljudesuarez / payroll management system
Exploit Available
30 days ago (Mar 9, 2026)

CVE-2025-41765 (9.1)

An attacker can exploit a flaw in the universal BACnet router firmware to upload and apply any type of data, such as malicious files or sensitive configuration settings, without proper authorization. This can happen remotely through a specific web endpoint, meaning the attacker doesn’t need physical access to the device.

mbs-solutions / universal bacnet router firmware
Exploit Available
30 days ago (Mar 9, 2026)

CVE-2025-41764 (9.1)

An attacker can remotely upload and install malicious updates on the universal BACnet router firmware because the system does not properly check if they are authorized to do so. This means that anyone with access to the specific update endpoint can take control of the device without needing any special permissions.

mbs-solutions / universal bacnet router firmware
Theoretical
30 days ago (Mar 9, 2026)

CVE-2025-41763 (6.5)

This vulnerability allows a low-privileged remote attacker to download sensitive files, such as system backups and certificate requests, from the device. The attacker can exploit this by accessing a specific web endpoint without needing high-level permissions.

mbs-solutions / universal bacnet router firmware
Exploit Available
30 days ago (Mar 9, 2026)

CVE-2025-41760 (4.9)

This vulnerability allows an attacker to bypass security measures by sending any network traffic through the universal BACnet router, even if an administrator tries to block it with an empty filter list. The issue arises because the router does not enforce restrictions when the filter is empty, meaning no special conditions are needed for an attacker to exploit this flaw.

mbs-solutions / universal bacnet router firmware
Theoretical
30 days ago (Mar 9, 2026)

CVE-2026-3766 (5.1)

This vulnerability allows an attacker to inject malicious scripts into the web-based pharmacy management system, potentially compromising user data and session information. It can be exploited remotely by manipulating the "fullname" field in the profile editing function, making it a risk for any user interacting with the system.

senior-walter / web-based pharmacy product management system
Exploit Available
about 1 month ago (Mar 8, 2026)

CVE-2026-3765 (6.9)

This vulnerability allows an attacker to remotely manipulate the university management system's database by exploiting a flaw in a specific file, which can lead to unauthorized access to sensitive information. The attacker needs to send a specially crafted request to the system, and there are publicly available tools that can facilitate this exploit.

angeljudesuarez / university management system
Exploit Available
about 1 month ago (Mar 8, 2026)

CVE-2026-3764 (6.9)

This vulnerability allows an attacker to gain unauthorized access to the client database management system, potentially letting them modify user information without proper permissions. The attack can be carried out remotely, meaning the attacker doesn't need physical access to the system, and it has been publicly disclosed, making it easier for malicious actors to exploit it.

lerouxyxchire / client database management system
Exploit Available
about 1 month ago (Mar 8, 2026)

CVE-2026-3762 (6.9)

An attacker can gain unauthorized access to delete a manager from the client database management system by manipulating a specific ID in the system's code. This can be done remotely, meaning the attacker doesn't need to be on the same network as the target system.

lerouxyxchire / client database management system
Exploit Available
about 1 month ago (Mar 8, 2026)
Showing 41 to 60 of 289 results