Remote code execution vulnerabilities
Remote code execution lets an attacker run arbitrary code on the target system, usually over the network and in the worst cases without authentication. RCE is the most severe vulnerability class: a single unauthenticated RCE in an internet-facing product routinely leads to mass exploitation within days, and RCE entries dominate the CISA KEV catalog.
Classification is assigned by the CSIRTS enrichment pipeline from the advisory text. The list below shows the latest advisories tagged remote code execution, newest first, across national CERTs, vendor PSIRTs and vulnerability databases — exploited marks CVEs in the CISA KEV catalog.