CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Remote code execution vulnerabilities

RCE988 advisories671 exploitedlatest 2026-07-10

Remote code execution lets an attacker run arbitrary code on the target system, usually over the network and in the worst cases without authentication. RCE is the most severe vulnerability class: a single unauthenticated RCE in an internet-facing product routinely leads to mass exploitation within days, and RCE entries dominate the CISA KEV catalog.

Classification is assigned by the CSIRTS enrichment pipeline from the advisory text. The list below shows the latest advisories tagged remote code execution, newest first, across national CERTs, vendor PSIRTs and vulnerability databases — exploited marks CVEs in the CISA KEV catalog.

Latest remote code execution advisories

Other vulnerability classes

Privilege escalation (451)Authentication bypass (366)Denial of service (600)Information disclosure (405)Memory corruption (244)Path traversal (100)Code injection (92)Cross-site scripting (110)Unsafe deserialization (49)SQL injection (51)Server-side request forgery (37)