Skip to main content

RCE

31891 CVEs technique

Monthly

CVE-2019-25266 HIGH POC This Week

Wondershare Application Framework Service 2.4.3.231 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-1499 HIGH This Week

WP Duplicate WordPress plugin has a missing authorization vulnerability leading to arbitrary file deletion that can destroy the WordPress installation.

WordPress RCE Authentication Bypass Path Traversal File Upload
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2025-15566 HIGH This Week

A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-proxy-set-headers` Ingress annotation can be used to inject configuration into nginx. [CVSS 8.8 HIGH]

Nginx Kubernetes RCE
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-15311 HIGH This Week

Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance. [CVSS 7.8 HIGH]

RCE Tanos
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-70073 HIGH POC This Week

An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function [CVSS 7.2 HIGH]

RCE Code Injection Chestnutcms
NVD GitHub
CVSS 3.1
7.2
EPSS
0.3%
CVE-2025-69906 HIGH POC This Week

Monstra Cms versions up to 3.0.4 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

RCE Monstra Cms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2020-37142 HIGH POC This Week

10-Strike Network Inventory Explorer 8.54 contains a structured exception handler buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting SEH records. [CVSS 8.4 HIGH]

RCE Buffer Overflow
NVD Exploit-DB
CVSS 3.1
8.4
EPSS
0.1%
CVE-2020-37137 MEDIUM POC This Month

PHP-Fusion 9.03.50 contains a remote code execution vulnerability in the 'add_panel_form()' function that allows attackers to execute arbitrary code through an eval() function with unsanitized POST data. [CVSS 6.1 MEDIUM]

PHP RCE Phpfusion
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
0.1%
CVE-2020-37125 CRITICAL POC Act Now

Unauthenticated remote code execution via OS command injection in Edimax EW-7438RPn-v3 Mini wireless extender firmware 1.27. EPSS 1.3% with PoC available.

RCE Command Injection Ew 7438rpn Mini Firmware
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2020-37123 CRITICAL POC THREAT Emergency

Remote code execution via OS command injection in Pinger 1.0 allows attackers to inject shell commands through the ping target parameter. EPSS 12.2% indicates significant exploitation likelihood. PoC available.

PHP RCE
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
12.2%
CVE-2020-37121 MEDIUM POC This Month

CODE::BLOCKS 16.01 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler with crafted Unicode characters. [CVSS 5.5 MEDIUM]

RCE Buffer Overflow
NVD Exploit-DB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-37120 CRITICAL POC Act Now

Buffer overflow in Rubo DICOM Viewer 2.0 through the DICOM server name input field allows attackers to execute arbitrary code. PoC available.

RCE Buffer Overflow
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-61732 Go HIGH PATCH This Week

A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary. [CVSS 8.6 HIGH]

Go Code Injection RCE
NVD VulDB
CVSS 3.1
8.6
EPSS
0.0%
CVE-2019-25286 HIGH POC This Week

gbClientService contains a vulnerability that allows attackers to potentially execute arbitrary code with elevated privileges (CVSS 7.8).

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2019-25283 HIGH POC This Week

Shrew Soft VPN Client 2.2.2 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can place malicious executables in the unquoted service path to gain elevated access during service startup or system reboot. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2019-25275 HIGH POC This Week

BartVPNService contains a vulnerability that allows attackers to potentially execute arbitrary code with elevated system privileges (CVSS 7.8).

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2019-25274 HIGH POC This Week

ScsiAccess service contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2019-25273 HIGH POC This Week

EasyRedirect service contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2019-25272 HIGH POC This Week

CCSrvProxy service contains a vulnerability that allows attackers to execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2019-25267 HIGH POC This Week

Wing Ftp Server versions up to 6.0.7 contains a vulnerability that allows attackers to potentially execute arbitrary code with elevated system privileges (CVSS 7.8).

RCE Wing Ftp Server
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25546 npm HIGH PATCH This Week

Remote code execution in Godot MCP prior to version 0.1.1 results from unsafe shell command execution when processing user-supplied project paths. An unauthenticated attacker can inject shell metacharacters through multiple tools (create_scene, add_node, load_sprite, etc.) to execute arbitrary commands with the privileges of the MCP server process. No patch is currently available for affected deployments.

RCE Command Injection Godot Mcp
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25539 Go CRITICAL POC PATCH Act Now

SiYuan knowledge management system prior to 3.5.5 has a path traversal in /api/file/copyFile allowing arbitrary file operations on the server.

SSH RCE Siyuan
NVD GitHub
CVSS 3.1
9.1
EPSS
0.6%
CVE-2026-25512 HIGH POC PATCH THREAT Act Now

Authenticated attackers can execute arbitrary commands on Group-Office servers through unsanitized user input in the email attachment endpoint, where shell metacharacters are directly passed to system execution functions. The vulnerability affects Group-Office versions prior to 6.8.150, 25.0.82, and 26.0.5, and public exploit code exists. Organizations should apply available patches immediately as this is actively exploitable by authenticated users.

RCE Group Office
NVD GitHub
CVSS 3.1
8.8
EPSS
13.5%
CVE-2026-25143 Go HIGH PATCH This Week

Melange versions 0.10.0 through 0.40.2 allow unauthenticated command injection through the patch pipeline, enabling attackers to execute arbitrary shell commands on build hosts by injecting shell metacharacters into patch-related inputs such as series paths and filenames. This vulnerability affects users who build APK packages using melange build or melange license-check operations, particularly in CI/CD environments where build inputs may be controlled by untrusted sources. A patch is available in version 0.40.3 and later.

Command Injection RCE Melange Suse
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-24844 Go HIGH PATCH This Week

melange allows users to build apk packages using declarative pipelines. [CVSS 7.9 HIGH]

Command Injection RCE Melange Suse
NVD GitHub
CVSS 3.1
7.9
EPSS
0.0%
CVE-2026-25056 npm HIGH PATCH This Week

N8N versions up to 1.118.0 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

RCE AI / ML N8n
NVD GitHub
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-25055 npm HIGH PATCH This Week

n8n is an open source workflow automation platform. [CVSS 8.1 HIGH]

SSH RCE AI / ML N8n
NVD GitHub
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-25053 npm CRITICAL PATCH Act Now

n8n has a command injection vulnerability (CVSS 9.9) allowing authenticated users to execute arbitrary OS commands through workflow definitions.

RCE Command Injection Information Disclosure Node.js AI / ML +1
NVD GitHub
CVSS 3.1
9.9
EPSS
0.0%
CVE-2026-25049 npm CRITICAL POC PATCH Act Now

n8n workflow automation platform has an authenticated code execution vulnerability (CVSS 9.9) through improper runtime behavior modification, enabling server takeover.

RCE Command Injection Code Injection Node.js AI / ML +1
NVD GitHub
CVSS 3.1
9.9
EPSS
0.0%
CVE-2026-0662 HIGH This Week

Arbitrary code execution in Autodesk 3ds Max occurs when users open max files from maliciously crafted project directories that exploit an untrusted search path vulnerability. Local attackers can leverage this to execute arbitrary code with the privileges of the current user without requiring special permissions or interaction beyond opening a file. No patch is currently available for this high-severity vulnerability affecting 3ds Max users.

Privilege Escalation RCE 3ds Max
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-0661 HIGH This Week

Arbitrary code execution in Autodesk 3ds Max occurs when the application parses a maliciously crafted RGB image file, resulting in a CWE-787 out-of-bounds write that corrupts memory and lets an attacker run code in the context of the user running 3ds Max. No public exploit identified at time of analysis, and the EPSS probability is only 0.01%, but the CVSS base score of 8.4 reflects the high impact when a victim is convinced to open a weaponized asset file.

Memory Corruption Buffer Overflow RCE 3ds Max
NVD VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-0660 HIGH This Week

Stack-based buffer overflow in Autodesk 3ds Max enables arbitrary code execution when the application parses a maliciously crafted GIF file, running attacker code in the context of the current user process. The flaw carries a CVSS 8.4 (High) rating due to local attack vector but full confidentiality, integrity, and availability impact, with no public exploit identified at time of analysis and a very low EPSS probability (0.01%) reflecting the file-open user-interaction model typical of DCC software.

Buffer Overflow Stack Overflow RCE 3ds Max
NVD VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-0659 HIGH This Week

Malicious USD files trigger an out-of-bounds write vulnerability in Autodesk Arnold and 3ds Max, enabling arbitrary code execution within the affected application when a user loads or imports the crafted file. Local attackers with user interaction can exploit this to gain full system compromise with the privileges of the running process. No patch is currently available.

Buffer Overflow RCE
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-0538 HIGH This Week

Arbitrary code execution in Autodesk 3ds Max occurs when the application parses a maliciously crafted GIF file, triggering an out-of-bounds write (CWE-787) in its image-handling code. The flaw lets an attacker run code in the context of the user running 3ds Max; no public exploit identified at time of analysis and EPSS estimates exploitation probability at just 0.03%.

Buffer Overflow RCE Memory Corruption 3ds Max
NVD VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-0537 HIGH This Week

Arbitrary code execution in Autodesk 3ds Max occurs when the application parses a maliciously crafted RGB image file, triggering an out-of-bounds write (CWE-787) that corrupts memory in the running process. Exploitation requires a victim to open the malicious file locally, but no public exploit has been identified at time of analysis and EPSS rates real-world exploitation likelihood at just 0.01%. The flaw was reported by Autodesk PSIRT and is tracked under advisory ADSK-SA-2026-0002.

Memory Corruption Buffer Overflow RCE 3ds Max
NVD VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2025-69618 MEDIUM POC This Month

Coto versions up to 11.4.0 is affected by unrestricted upload of file with dangerous type (CVSS 6.5).

File Upload RCE Coto
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-15368 HIGH This Week

The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.7.26 via shortcodes 'template_name' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be...

WordPress PHP LFI Information Disclosure RCE
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-14740 MEDIUM This Month

Docker Desktop for Windows contains multiple incorrect permission assignment vulnerabilities in the installer's handling of the C:\ProgramData\DockerDesktop directory. [CVSS 6.7 MEDIUM]

Windows Docker Race Condition RCE
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2026-20981 MEDIUM This Month

Arbitrary command execution with system privileges in Android's FacAtFunction component allows a privileged physical attacker to bypass input validation controls prior to the February 2026 Security Maintenance Release 1. An adversary with physical access and elevated privileges can exploit this vulnerability to execute arbitrary commands at the system level. No patch is currently available.

RCE Android
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2026-20980 MEDIUM This Month

Android versions up to 14.0 contains a vulnerability that allows attackers to execute arbitrary commands (CVSS 6.8).

RCE Android
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-1756 HIGH This Week

WP FOFT Loader (WordPress plugin) is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

WordPress RCE
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-69621 HIGH This Week

file import process of Comic Book Reader v1.0.95 contains a vulnerability that allows attackers to overwrite critical internal files, potentially leading to arbitrary code executi (CVSS 6.5).

RCE
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2020-37084 HIGH POC This Week

School Erp Pro versions up to 1.0 is affected by unrestricted upload of file with dangerous type (CVSS 7.2).

PHP RCE School Erp Pro
NVD Exploit-DB
CVSS 3.1
7.2
EPSS
0.3%
CVE-2026-25510 PHP CRITICAL POC PATCH Act Now

CI4MS (CodeIgniter 4 CMS skeleton) has a code injection vulnerability (CVSS 9.9) allowing authenticated users to execute arbitrary PHP code through the CMS module system.

PHP RCE Ci4ms
NVD GitHub
CVSS 3.1
9.9
EPSS
0.4%
CVE-2020-37090 CRITICAL POC Act Now

School ERP Pro 1.0 allows students to upload arbitrary PHP files, enabling remote code execution from a low-privileged student account.

PHP RCE School Erp Pro
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2020-37071 CRITICAL POC Act Now

CraftCMS 3 vCard Plugin 1.0.0 has an insecure deserialization vulnerability allowing unauthenticated remote code execution through crafted vCard data.

PHP RCE Deserialization
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.5%
CVE-2020-37070 CRITICAL POC Act Now

CloudMe 1.11.2 cloud sync application has a buffer overflow enabling remote code execution through the network sync protocol.

RCE Buffer Overflow
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-65081 This Week

An out-of-bounds read vulnerability has been identified in the Postscript interpreter in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user.

Buffer Overflow RCE Information Disclosure
NVD
EPSS
0.1%
CVE-2025-65080 Monitor

A type confusion vulnerability has been identified in the Postscript interpreter in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user.

Buffer Overflow RCE
NVD
EPSS
0.1%
CVE-2025-65078 Monitor

An untrusted search path vulnerability has been identified in the Embedded Solutions Framework in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code.

Privilege Escalation RCE
NVD
EPSS
0.0%
CVE-2025-62673 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tdpserver modules) allows adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a maliciously formed field.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-62405 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-62404 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-61983 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields with zero‑length values.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-61944 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields with zero‑length values.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-59487 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-59482 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-58455 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-58077 HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted set of network packets containing an excessive number of host entries This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow RCE Archer Ax53 Firmware
NVD VulDB
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-70560 PyPI HIGH This Week

Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. [CVSS 8.4 HIGH]

Python Deserialization Boltz RCE
NVD GitHub
CVSS 3.1
8.4
EPSS
0.1%
CVE-2025-70559 PyPI MEDIUM PATCH This Month

pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. [CVSS 6.5 MEDIUM]

Python Privilege Escalation Deserialization RCE Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-69983 npm CRITICAL Act Now

FUXA v1.2.7 allows remote code execution through the project import functionality by importing crafted project files containing malicious code.

RCE Fuxa
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-67189 MEDIUM POC This Month

A950Rg Firmware versions up to 4.1.2cu.5204_b20210112 is affected by classic buffer overflow (CVSS 6.5).

Buffer Overflow Denial Of Service A950rg Firmware RCE TOTOLINK
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-67186 CRITICAL POC Act Now

TOTOLINK A950RG router firmware has a buffer overflow in setUrlFilterRules that allows remote attackers to execute code through the router's management interface.

Buffer Overflow Denial Of Service A950rg Firmware RCE TOTOLINK
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2020-37113 HIGH POC This Week

Open Eclass Platform versions up to 1.7.3 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

PHP RCE Open Eclass Platform
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2020-37102 HIGH POC This Week

WCAssistantService contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-37100 HIGH POC This Week

Syncbreeze versions up to 12.4.18 contains a vulnerability that allows attackers to execute arbitrary code with elevated system privileges (CVSS 7.8).

RCE Syncbreeze
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-37099 HIGH POC This Week

its service configuration contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-37098 HIGH POC This Week

Disk Sorter Enterprise 12.4.16 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-1730 HIGH This Week

OS DataHub Maps (WordPress plugin) is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

WordPress RCE
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-24465 CRITICAL Act Now

ELECOM wireless LAN access point devices have a stack-based buffer overflow that allows remote attackers to execute code or crash the device via crafted packets.

Buffer Overflow Stack Overflow RCE Wab S300Iw Pd Firmware Wab S733Iw Pd Firmware +6
NVD
CVSS 4.0
9.3
EPSS
0.0%
CVE-2026-24694 HIGH This Week

Arbitrary code execution in Roland Cloud Manager installer versions 3.1.19 and earlier results from insecure DLL loading, enabling local attackers to execute malicious code with application-level privileges. An attacker with local access and user interaction can exploit this vulnerability to compromise systems running the affected installer. No patch is currently available to remediate this vulnerability.

Privilege Escalation RCE
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2025-58382 HIGH This Week

Fabric Operating System contains a vulnerability that allows attackers to an authenticated, remote attacker with administrative credentials to execute ar (CVSS 7.2).

RCE Fabric Operating System
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2025-15556 HIGH KEV PATCH THREAT Act Now

Notepad++ versions prior to 8.8.9 contain an update integrity verification vulnerability (CVE-2025-15556) when using the WinGUp updater. The update mechanism fails to cryptographically verify downloaded metadata and installers, allowing man-in-the-middle attackers to serve malicious executables during the update process. KEV-listed, this supply chain risk affects one of the most widely used text editors on Windows.

RCE Notepad
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
4.3%
CVE-2026-25142 npm CRITICAL POC PATCH Act Now

Sandbox escape in SandboxJS before 0.8.27 via __lookupGetter__ prototype chain access. CVSS 10.0 — complete sandbox bypass. PoC and patch available.

RCE Sandboxjs
NVD GitHub
CVSS 3.1
10.0
EPSS
0.2%
CVE-2026-25134 HIGH POC PATCH This Week

Remote code execution in Group Office versions prior to 6.8.150, 25.0.82, and 26.0.5 allows authenticated attackers to execute arbitrary commands through unsanitized language parameters passed to system zip operations in the MaintenanceController. The vulnerability can be exploited by combining a crafted zip file upload with command injection, and public exploit code exists. Update to patched versions immediately.

RCE Group Office
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-24051 Go HIGH PATCH This Week

Arbitrary code execution in OpenTelemetry Go SDK versions 1.20.0 through 1.39.0 on macOS results from insecure PATH resolution when executing the ioreg system command during resource detection. A local attacker with the ability to modify the PATH environment variable can hijack the command search path and execute arbitrary code with the privileges of the affected application. The vulnerability is resolved in version 1.40.0 and later.

Opentelemetry Go Apple RCE
NVD GitHub
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-22778 PyPI CRITICAL POC PATCH GHSA Act Now

Information exposure in vLLM inference engine versions 0.8.3 to before 0.14.1. Invalid image requests to the multimodal endpoint cause sensitive data logging. Patch available.

RCE Vllm
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-66480 CRITICAL PATCH Act Now

Critical path traversal in Wildfire IM instant messaging server before 1.4.3 allows unauthenticated access to arbitrary files. EPSS 0.25%, patch available.

RCE Path Traversal Im Server
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2026-1770 Maven PATCH Monitor

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.

RCE Command Injection
NVD
EPSS
0.0%
CVE-2025-14914 HIGH This Week

IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive containing path traversal sequences resulting in an overwrite of files leading to arbitrary code execution. [CVSS 7.6 HIGH]

IBM Path Traversal Websphere Application Server RCE
NVD
CVSS 3.1
7.6
EPSS
0.0%
CVE-2026-1761 HIGH PATCH This Week

Libsoup's multipart HTTP response parser contains a stack buffer overflow stemming from faulty length validation, enabling remote attackers to trigger memory corruption and potentially execute arbitrary code without authentication. Applications using libsoup to process untrusted server responses face crash or code execution risks. No patch is currently available.

Buffer Overflow Stack Overflow RCE
NVD
CVSS 3.1
8.6
EPSS
1.4%
CVE-2025-10279 PyPI HIGH PATCH This Week

In mlflow version 2.20.3, the temporary directory used for creating Python virtual environments is assigned insecure world-writable permissions (0o777). [CVSS 7.0 HIGH]

Python RCE
NVD GitHub
CVSS 3.0
7.0
EPSS
0.0%
CVE-2024-5986 LIB CRITICAL Act Now

Arbitrary file write in H2O-3 machine learning platform version 3.46.0.1 allows remote attackers to write data to any file on the server.

RCE
NVD
CVSS 3.0
9.1
EPSS
0.1%
CVE-2024-2356 CRITICAL Act Now

Local File Inclusion in parisneo/lollms-webui /reinstall_extension endpoint allows authenticated users to include arbitrary local files. EPSS 0.26%.

Python RCE
NVD GitHub
CVSS 3.0
9.6
EPSS
0.3%
CVE-2025-9974 HIGH This Week

The unified WEBUI application of the ONT/Beacon device contains an input handling flaw that allows authenticated users to trigger unintended system-level command execution. [CVSS 8.0 HIGH]

Command Injection RCE
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2020-37064 HIGH POC This Week

EMP_NSWLSV service contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-37063 HIGH POC This Week

TFTP Turbo 4.6.1273 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-37062 HIGH POC This Week

DHCP Turbo 4.61298 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. Attackers can place malicious executables in the service path to gain elevated privileges when the service starts. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-37061 HIGH POC This Week

BOOTP Turbo 2.0.1214 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
EPSS 0% CVSS 7.8
HIGH POC This Week

Wondershare Application Framework Service 2.4.3.231 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
EPSS 1% CVSS 8.8
HIGH This Week

WP Duplicate WordPress plugin has a missing authorization vulnerability leading to arbitrary file deletion that can destroy the WordPress installation.

WordPress RCE Authentication Bypass +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-proxy-set-headers` Ingress annotation can be used to inject configuration into nginx. [CVSS 8.8 HIGH]

Nginx Kubernetes RCE
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance. [CVSS 7.8 HIGH]

RCE Tanos
NVD
EPSS 0% CVSS 7.2
HIGH POC This Week

An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function [CVSS 7.2 HIGH]

RCE Code Injection Chestnutcms
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Monstra Cms versions up to 3.0.4 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

RCE Monstra Cms
NVD GitHub
EPSS 0% CVSS 8.4
HIGH POC This Week

10-Strike Network Inventory Explorer 8.54 contains a structured exception handler buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting SEH records. [CVSS 8.4 HIGH]

RCE Buffer Overflow
NVD Exploit-DB
EPSS 0% CVSS 6.1
MEDIUM POC This Month

PHP-Fusion 9.03.50 contains a remote code execution vulnerability in the 'add_panel_form()' function that allows attackers to execute arbitrary code through an eval() function with unsanitized POST data. [CVSS 6.1 MEDIUM]

PHP RCE Phpfusion
NVD Exploit-DB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Unauthenticated remote code execution via OS command injection in Edimax EW-7438RPn-v3 Mini wireless extender firmware 1.27. EPSS 1.3% with PoC available.

RCE Command Injection Ew 7438rpn Mini Firmware
NVD Exploit-DB
EPSS 12% CVSS 9.8
CRITICAL POC THREAT Emergency

Remote code execution via OS command injection in Pinger 1.0 allows attackers to inject shell commands through the ping target parameter. EPSS 12.2% indicates significant exploitation likelihood. PoC available.

PHP RCE
NVD GitHub Exploit-DB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

CODE::BLOCKS 16.01 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler with crafted Unicode characters. [CVSS 5.5 MEDIUM]

RCE Buffer Overflow
NVD Exploit-DB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Buffer overflow in Rubo DICOM Viewer 2.0 through the DICOM server name input field allows attackers to execute arbitrary code. PoC available.

RCE Buffer Overflow
NVD Exploit-DB
EPSS 0% CVSS 8.6
HIGH PATCH This Week

A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary. [CVSS 8.6 HIGH]

Go Code Injection RCE
NVD VulDB
EPSS 0% CVSS 7.8
HIGH POC This Week

gbClientService contains a vulnerability that allows attackers to potentially execute arbitrary code with elevated privileges (CVSS 7.8).

RCE
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

Shrew Soft VPN Client 2.2.2 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can place malicious executables in the unquoted service path to gain elevated access during service startup or system reboot. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

BartVPNService contains a vulnerability that allows attackers to potentially execute arbitrary code with elevated system privileges (CVSS 7.8).

RCE
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

ScsiAccess service contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

EasyRedirect service contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

CCSrvProxy service contains a vulnerability that allows attackers to execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

Wing Ftp Server versions up to 6.0.7 contains a vulnerability that allows attackers to potentially execute arbitrary code with elevated system privileges (CVSS 7.8).

RCE Wing Ftp Server
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Remote code execution in Godot MCP prior to version 0.1.1 results from unsafe shell command execution when processing user-supplied project paths. An unauthenticated attacker can inject shell metacharacters through multiple tools (create_scene, add_node, load_sprite, etc.) to execute arbitrary commands with the privileges of the MCP server process. No patch is currently available for affected deployments.

RCE Command Injection Godot Mcp
NVD GitHub VulDB
EPSS 1% CVSS 9.1
CRITICAL POC PATCH Act Now

SiYuan knowledge management system prior to 3.5.5 has a path traversal in /api/file/copyFile allowing arbitrary file operations on the server.

SSH RCE Siyuan
NVD GitHub
EPSS 14% CVSS 8.8
HIGH POC PATCH THREAT Act Now

Authenticated attackers can execute arbitrary commands on Group-Office servers through unsanitized user input in the email attachment endpoint, where shell metacharacters are directly passed to system execution functions. The vulnerability affects Group-Office versions prior to 6.8.150, 25.0.82, and 26.0.5, and public exploit code exists. Organizations should apply available patches immediately as this is actively exploitable by authenticated users.

RCE Group Office
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Melange versions 0.10.0 through 0.40.2 allow unauthenticated command injection through the patch pipeline, enabling attackers to execute arbitrary shell commands on build hosts by injecting shell metacharacters into patch-related inputs such as series paths and filenames. This vulnerability affects users who build APK packages using melange build or melange license-check operations, particularly in CI/CD environments where build inputs may be controlled by untrusted sources. A patch is available in version 0.40.3 and later.

Command Injection RCE Melange +1
NVD GitHub
EPSS 0% CVSS 7.9
HIGH PATCH This Week

melange allows users to build apk packages using declarative pipelines. [CVSS 7.9 HIGH]

Command Injection RCE Melange +1
NVD GitHub
EPSS 0% CVSS 8.8
HIGH PATCH This Week

N8N versions up to 1.118.0 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

RCE AI / ML N8n
NVD GitHub
EPSS 0% CVSS 8.1
HIGH PATCH This Week

n8n is an open source workflow automation platform. [CVSS 8.1 HIGH]

SSH RCE AI / ML +1
NVD GitHub
EPSS 0% CVSS 9.9
CRITICAL PATCH Act Now

n8n has a command injection vulnerability (CVSS 9.9) allowing authenticated users to execute arbitrary OS commands through workflow definitions.

RCE Command Injection Information Disclosure +3
NVD GitHub
EPSS 0% CVSS 9.9
CRITICAL POC PATCH Act Now

n8n workflow automation platform has an authenticated code execution vulnerability (CVSS 9.9) through improper runtime behavior modification, enabling server takeover.

RCE Command Injection Code Injection +3
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Autodesk 3ds Max occurs when users open max files from maliciously crafted project directories that exploit an untrusted search path vulnerability. Local attackers can leverage this to execute arbitrary code with the privileges of the current user without requiring special permissions or interaction beyond opening a file. No patch is currently available for this high-severity vulnerability affecting 3ds Max users.

Privilege Escalation RCE 3ds Max
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Arbitrary code execution in Autodesk 3ds Max occurs when the application parses a maliciously crafted RGB image file, resulting in a CWE-787 out-of-bounds write that corrupts memory and lets an attacker run code in the context of the user running 3ds Max. No public exploit identified at time of analysis, and the EPSS probability is only 0.01%, but the CVSS base score of 8.4 reflects the high impact when a victim is convinced to open a weaponized asset file.

Memory Corruption Buffer Overflow RCE +1
NVD VulDB
EPSS 0% CVSS 8.4
HIGH This Week

Stack-based buffer overflow in Autodesk 3ds Max enables arbitrary code execution when the application parses a maliciously crafted GIF file, running attacker code in the context of the current user process. The flaw carries a CVSS 8.4 (High) rating due to local attack vector but full confidentiality, integrity, and availability impact, with no public exploit identified at time of analysis and a very low EPSS probability (0.01%) reflecting the file-open user-interaction model typical of DCC software.

Buffer Overflow Stack Overflow RCE +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Malicious USD files trigger an out-of-bounds write vulnerability in Autodesk Arnold and 3ds Max, enabling arbitrary code execution within the affected application when a user loads or imports the crafted file. Local attackers with user interaction can exploit this to gain full system compromise with the privileges of the running process. No patch is currently available.

Buffer Overflow RCE
NVD GitHub
EPSS 0% CVSS 8.4
HIGH This Week

Arbitrary code execution in Autodesk 3ds Max occurs when the application parses a maliciously crafted GIF file, triggering an out-of-bounds write (CWE-787) in its image-handling code. The flaw lets an attacker run code in the context of the user running 3ds Max; no public exploit identified at time of analysis and EPSS estimates exploitation probability at just 0.03%.

Buffer Overflow RCE Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 8.4
HIGH This Week

Arbitrary code execution in Autodesk 3ds Max occurs when the application parses a maliciously crafted RGB image file, triggering an out-of-bounds write (CWE-787) that corrupts memory in the running process. Exploitation requires a victim to open the malicious file locally, but no public exploit has been identified at time of analysis and EPSS rates real-world exploitation likelihood at just 0.01%. The flaw was reported by Autodesk PSIRT and is tracked under advisory ADSK-SA-2026-0002.

Memory Corruption Buffer Overflow RCE +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM POC This Month

Coto versions up to 11.4.0 is affected by unrestricted upload of file with dangerous type (CVSS 6.5).

File Upload RCE Coto
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH This Week

The SportsPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.7.26 via shortcodes 'template_name' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be...

WordPress PHP LFI +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Docker Desktop for Windows contains multiple incorrect permission assignment vulnerabilities in the installer's handling of the C:\ProgramData\DockerDesktop directory. [CVSS 6.7 MEDIUM]

Windows Docker Race Condition +1
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

Arbitrary command execution with system privileges in Android's FacAtFunction component allows a privileged physical attacker to bypass input validation controls prior to the February 2026 Security Maintenance Release 1. An adversary with physical access and elevated privileges can exploit this vulnerability to execute arbitrary commands at the system level. No patch is currently available.

RCE Android
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Android versions up to 14.0 contains a vulnerability that allows attackers to execute arbitrary commands (CVSS 6.8).

RCE Android
NVD
EPSS 0% CVSS 8.8
HIGH This Week

WP FOFT Loader (WordPress plugin) is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

WordPress RCE
NVD
EPSS 0% CVSS 8.1
HIGH This Week

file import process of Comic Book Reader v1.0.95 contains a vulnerability that allows attackers to overwrite critical internal files, potentially leading to arbitrary code executi (CVSS 6.5).

RCE
NVD GitHub VulDB
EPSS 0% CVSS 7.2
HIGH POC This Week

School Erp Pro versions up to 1.0 is affected by unrestricted upload of file with dangerous type (CVSS 7.2).

PHP RCE School Erp Pro
NVD Exploit-DB
EPSS 0% CVSS 9.9
CRITICAL POC PATCH Act Now

CI4MS (CodeIgniter 4 CMS skeleton) has a code injection vulnerability (CVSS 9.9) allowing authenticated users to execute arbitrary PHP code through the CMS module system.

PHP RCE Ci4ms
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

School ERP Pro 1.0 allows students to upload arbitrary PHP files, enabling remote code execution from a low-privileged student account.

PHP RCE School Erp Pro
NVD Exploit-DB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

CraftCMS 3 vCard Plugin 1.0.0 has an insecure deserialization vulnerability allowing unauthenticated remote code execution through crafted vCard data.

PHP RCE Deserialization
NVD Exploit-DB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

CloudMe 1.11.2 cloud sync application has a buffer overflow enabling remote code execution through the network sync protocol.

RCE Buffer Overflow
NVD Exploit-DB
EPSS 0%
This Week

An out-of-bounds read vulnerability has been identified in the Postscript interpreter in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user.

Buffer Overflow RCE Information Disclosure
NVD
EPSS 0%
Monitor

A type confusion vulnerability has been identified in the Postscript interpreter in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user.

Buffer Overflow RCE
NVD
EPSS 0%
Monitor

An untrusted search path vulnerability has been identified in the Embedded Solutions Framework in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code.

Privilege Escalation RCE
NVD
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tdpserver modules) allows adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a maliciously formed field.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields with zero‑length values.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields with zero‑length values.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted set of network packets containing an excessive number of host entries This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

TP-Link Buffer Overflow Heap Overflow +2
NVD VulDB
EPSS 0% CVSS 8.4
HIGH This Week

Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. [CVSS 8.4 HIGH]

Python Deserialization Boltz +1
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. [CVSS 6.5 MEDIUM]

Python Privilege Escalation Deserialization +2
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

FUXA v1.2.7 allows remote code execution through the project import functionality by importing crafted project files containing malicious code.

RCE Fuxa
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Month

A950Rg Firmware versions up to 4.1.2cu.5204_b20210112 is affected by classic buffer overflow (CVSS 6.5).

Buffer Overflow Denial Of Service A950rg Firmware +2
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

TOTOLINK A950RG router firmware has a buffer overflow in setUrlFilterRules that allows remote attackers to execute code through the router's management interface.

Buffer Overflow Denial Of Service A950rg Firmware +2
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Open Eclass Platform versions up to 1.7.3 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

PHP RCE Open Eclass Platform
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

WCAssistantService contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

Syncbreeze versions up to 12.4.18 contains a vulnerability that allows attackers to execute arbitrary code with elevated system privileges (CVSS 7.8).

RCE Syncbreeze
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

its service configuration contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

Disk Sorter Enterprise 12.4.16 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
EPSS 0% CVSS 8.8
HIGH This Week

OS DataHub Maps (WordPress plugin) is affected by unrestricted upload of file with dangerous type (CVSS 8.8).

WordPress RCE
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

ELECOM wireless LAN access point devices have a stack-based buffer overflow that allows remote attackers to execute code or crash the device via crafted packets.

Buffer Overflow Stack Overflow RCE +8
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Roland Cloud Manager installer versions 3.1.19 and earlier results from insecure DLL loading, enabling local attackers to execute malicious code with application-level privileges. An attacker with local access and user interaction can exploit this vulnerability to compromise systems running the affected installer. No patch is currently available to remediate this vulnerability.

Privilege Escalation RCE
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Fabric Operating System contains a vulnerability that allows attackers to an authenticated, remote attacker with administrative credentials to execute ar (CVSS 7.2).

RCE Fabric Operating System
NVD
EPSS 4% CVSS 7.5
HIGH KEV PATCH THREAT Act Now

Notepad++ versions prior to 8.8.9 contain an update integrity verification vulnerability (CVE-2025-15556) when using the WinGUp updater. The update mechanism fails to cryptographically verify downloaded metadata and installers, allowing man-in-the-middle attackers to serve malicious executables during the update process. KEV-listed, this supply chain risk affects one of the most widely used text editors on Windows.

RCE Notepad
NVD GitHub VulDB
EPSS 0% CVSS 10.0
CRITICAL POC PATCH Act Now

Sandbox escape in SandboxJS before 0.8.27 via __lookupGetter__ prototype chain access. CVSS 10.0 — complete sandbox bypass. PoC and patch available.

RCE Sandboxjs
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

Remote code execution in Group Office versions prior to 6.8.150, 25.0.82, and 26.0.5 allows authenticated attackers to execute arbitrary commands through unsanitized language parameters passed to system zip operations in the MaintenanceController. The vulnerability can be exploited by combining a crafted zip file upload with command injection, and public exploit code exists. Update to patched versions immediately.

RCE Group Office
NVD GitHub
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Arbitrary code execution in OpenTelemetry Go SDK versions 1.20.0 through 1.39.0 on macOS results from insecure PATH resolution when executing the ioreg system command during resource detection. A local attacker with the ability to modify the PATH environment variable can hijack the command search path and execute arbitrary code with the privileges of the affected application. The vulnerability is resolved in version 1.40.0 and later.

Opentelemetry Go Apple RCE
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

Information exposure in vLLM inference engine versions 0.8.3 to before 0.14.1. Invalid image requests to the multimodal endpoint cause sensitive data logging. Patch available.

RCE Vllm
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Critical path traversal in Wildfire IM instant messaging server before 1.4.3 allows unauthenticated access to arbitrary files. EPSS 0.25%, patch available.

RCE Path Traversal Im Server
NVD GitHub
EPSS 0%
PATCH Monitor

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.

RCE Command Injection
NVD
EPSS 0% CVSS 7.6
HIGH This Week

IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive containing path traversal sequences resulting in an overwrite of files leading to arbitrary code execution. [CVSS 7.6 HIGH]

IBM Path Traversal Websphere Application Server +1
NVD
EPSS 1% CVSS 8.6
HIGH PATCH This Week

Libsoup's multipart HTTP response parser contains a stack buffer overflow stemming from faulty length validation, enabling remote attackers to trigger memory corruption and potentially execute arbitrary code without authentication. Applications using libsoup to process untrusted server responses face crash or code execution risks. No patch is currently available.

Buffer Overflow Stack Overflow RCE
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In mlflow version 2.20.3, the temporary directory used for creating Python virtual environments is assigned insecure world-writable permissions (0o777). [CVSS 7.0 HIGH]

Python RCE
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL Act Now

Arbitrary file write in H2O-3 machine learning platform version 3.46.0.1 allows remote attackers to write data to any file on the server.

RCE
NVD
EPSS 0% CVSS 9.6
CRITICAL Act Now

Local File Inclusion in parisneo/lollms-webui /reinstall_extension endpoint allows authenticated users to include arbitrary local files. EPSS 0.26%.

Python RCE
NVD GitHub
EPSS 0% CVSS 8.0
HIGH This Week

The unified WEBUI application of the ONT/Beacon device contains an input handling flaw that allows authenticated users to trigger unintended system-level command execution. [CVSS 8.0 HIGH]

Command Injection RCE
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

EMP_NSWLSV service contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

RCE
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

TFTP Turbo 4.6.1273 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

DHCP Turbo 4.61298 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. Attackers can place malicious executables in the service path to gain elevated privileges when the service starts. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

BOOTP Turbo 2.0.1214 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. [CVSS 7.8 HIGH]

RCE
NVD Exploit-DB
Prev Page 38 of 355 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy