Remote Code Execution is a attack_type tracked across 50 threat clusters and 253 intelligence report mentions on ThreatCluster. First observed October 27, 2025; most recent activity July 16, 2026.
A critical command injection vulnerability, CVE-2026-42271, in LiteLLM, an open-source AI gateway, allows unauthenticated remote code execution (RCE) when chained with CVE-2026-48710, a Host header validation bypass in…
DbGate's JSON script runner has a critical vulnerability (CVE-2026-47668) that allows unauthenticated remote code execution via the functionName parameter in JSON script assign commands. The vulnerability arises from…
A remote code execution vulnerability, CVE-2025-34299, has been identified in Monsta FTP. This zero-day exploit allows attackers to execute arbitrary code remotely, affecting users of the software. The situation has led…
A critical remote code execution vulnerability, CVE-2025-52691, has been found in SmarterTools' SmarterMail solution. This flaw has a maximum CVSS score of 10.0, indicating its severe potential impact on systems using…
Hewlett Packard Enterprise (HPE) has addressed a critical vulnerability in its OneView software, identified as CVE-2025-37164, which allows attackers to execute arbitrary code remotely without authentication. This flaw…
On January 13, 2026, SAP issued 17 new security notes during its monthly Security Patch Day, addressing critical injection flaws and remote code execution vulnerabilities in key products. Organizations are urged to…
The MonikerLink vulnerability in Microsoft Outlook allows for remote code execution via malicious hyperlinks in emails. Discovered by Check Point Research, a proof-of-concept exploit has been released, potentially…
On June 17, 2026, F5 released emergency patches for two critical vulnerabilities in NGINX, CVE-2026-42530 and CVE-2026-42055. These vulnerabilities affect NGINX Open Source, NGINX Plus, and related products, allowing…
Flowise has disclosed a critical remote code execution vulnerability, tracked as CVE-2026-56274, affecting versions prior to 3.1.2 of its Custom MCP Server feature. The flaw allows attackers to exploit multiple OS…
A critical server-side template injection (SSTI) vulnerability in FOSSBilling, tracked as CVE-2026-28496, was disclosed on June 23, 2026. This flaw affects all versions up to 0.7.2 and allows attackers to exploit unsafe…