Remote-Code-Execution

Funadmin versions up to 7.1.0-rc6 are vulnerable to unrestricted file uploads due to improper handling of the File argument in the UploadService::chunkUpload function, potentially leading to remote code execution.

A buffer overflow vulnerability exists in Totolink WA300 version 5.2cu.7112_B20190227 within the loginauth function of the /cgi-bin/cstecgi.cgi file, specifically affecting the POST Request Handler component, triggerable via manipulation of the http_host argument, and remotely exploitable with a publicly available exploit.

A remote buffer overflow vulnerability exists in the UploadCustomModule function of the /cgi-bin/cstecgi.cgi file in the POST Request Handler component of Totolink WA300 version 5.2cu.7112_B20190227, which can be exploited by manipulating the File argument.

A buffer overflow vulnerability exists in Shenzhen Libituo Technology LBT-T300-HW1 version 1.2.8 and earlier, allowing remote attackers to execute arbitrary code by manipulating the Channel/ApCliSsid argument in the start_lan function of the /apply.cgi file.

A stack-based buffer overflow vulnerability (CVE-2026-7546) in the Totolink NR1800X router allows remote attackers to achieve arbitrary code execution by sending a crafted HTTP request with a manipulated Host header to the vulnerable lighttpd component.

CVE-2026-7333 is a use-after-free vulnerability in the GPU component of Chromium, affecting Google Chrome and Microsoft Edge, potentially leading to arbitrary code execution.

CVE-2026-7338 is a use-after-free vulnerability in the Cast component of Chromium, affecting Google Chrome and Microsoft Edge, potentially leading to arbitrary code execution.

A buffer overflow vulnerability (CVE-2026-7503) exists in code-projects Plugin 4.1.2cu.5137, allowing a remote attacker to execute arbitrary code by manipulating the 'wepkey2' argument in the 'setWiFiMultipleConfig' function of the '/lib/cste_modules/wireless.so' library, posing a critical risk due to publicly available exploits.

A buffer overflow vulnerability in UTT HiPER 1250GW devices (versions up to 3.2.7-210907-180535) allows remote attackers to execute arbitrary code by manipulating the 'Profile' argument in the `strcpy` function of the `route/goform/ConfigAdvideo` file, due to insufficient bounds checking.

A remote buffer overflow vulnerability exists in the UTT HiPER 1250GW device due to improper handling of the 'Profile' argument in the NTP configuration, potentially allowing for arbitrary code execution.

A buffer overflow vulnerability in Tenda F456 version 1.0.0.5 allows remote attackers to execute arbitrary code via a crafted request to the fromWrlclientSet function in the /goform/WrlclientSet file of the httpd component.

A buffer overflow vulnerability in Tenda F456 router version 1.0.0.5 allows a remote attacker to execute arbitrary code by exploiting the fromSafeClientFilter function in the /goform/SafeClientFilter endpoint through manipulation of the 'menufacturer/Go' argument.

Ray Data is vulnerable to remote code execution via Parquet Arrow Extension Type Deserialization; specifically, a maliciously crafted Parquet file can trigger arbitrary code execution due to the unsafe deserialization of Arrow extension metadata, affecting Ray versions 2.49.0 through 2.54.0.

A remote code execution vulnerability exists in OpenMage LTS versions prior to 20.16.1 due to Phar deserialization, where an attacker can upload a malicious phar file disguised as an image and trigger deserialization via functions like `getimagesize()`, `file_exists()`, or `is_readable()` when processing `phar://` stream wrapper paths, leading to arbitrary code execution.

A code injection vulnerability exists in modelscope agentscope up to version 1.0.18, specifically affecting the execute_python_code/execute_shell_command functions, allowing for remote code execution.

Microsoft's April 2026 Patch Tuesday addresses 163 vulnerabilities, including 8 critical ones, ranging from Tampering to Remote Code Execution and Privilege Escalation, affecting various Microsoft products; it is recommended to apply patches immediately.

Openfind MailGates/MailAudit is vulnerable to a stack-based buffer overflow (CVE-2026-6350) allowing unauthenticated remote attackers to execute arbitrary code by controlling the program's execution flow.

A double free vulnerability in the Windows IKE Extension, tracked as CVE-2026-33824, allows an unauthenticated remote attacker to execute arbitrary code over the network.

PraisonAI versions before 4.5.139 and praisonaiagents versions before 1.5.140 are vulnerable to unauthenticated remote session hijacking due to missing authentication and a bypassable origin check on the /ws WebSocket endpoint, enabling unauthorized remote control and data leakage.

Smart Slider 3 Pro version 3.5.1.35 for WordPress and Joomla contains a multi-stage remote access toolkit injected through a compromised update system allowing unauthenticated remote code execution and system takeover.

CVE-2026-33466 describes a vulnerability in Logstash where improper validation of file paths within compressed archives allows arbitrary file writes, potentially leading to remote code execution.

The Gerador de Certificados – DevApps WordPress plugin is vulnerable to arbitrary file uploads due to missing file type validation, potentially leading to remote code execution.

Windmill versions 1.56.0 through 1.614.0 contain a missing authorization vulnerability (CVE-2026-22683) that allows users with the Operator role to bypass intended restrictions and perform unauthorized entity creation and modification actions via the backend API, potentially leading to privilege escalation and remote code execution.

A stack-based buffer overflow vulnerability (CVE-2026-5686) exists in the Tenda CX12L router version 16.03.53.12, allowing remote attackers to potentially execute arbitrary code by manipulating the 'page' argument in the `/goform/RouteStatic` endpoint.

Emlog versions 2.6.2 and prior are vulnerable to path traversal via crafted ZIP uploads, allowing authenticated admins to write arbitrary files and achieve remote code execution.

A remote heap-based buffer overflow vulnerability exists in Cesanta Mongoose versions up to 7.20 due to improper handling of the pubkey argument in the mg_tls_recv_cert function, potentially leading to code execution.

A remote, anonymous attacker can exploit multiple vulnerabilities in libpng to execute arbitrary program code or cause a denial of service.

OpenClaw before 2026.3.11 is vulnerable to privilege escalation in the device.token.rotate function, allowing attackers with limited operator.pairing scope to mint tokens with elevated operator.admin privileges, potentially leading to remote code execution.

Crashmail 1.6 is vulnerable to a stack-based buffer overflow, allowing remote attackers to execute arbitrary code via malicious input and potentially leading to denial of service.

A buffer overflow vulnerability in Totolink LR350 version 9.3.5u.6369_B20220309 allows a remote attacker to execute arbitrary code by manipulating the 'ssid' argument in the setWiFiGuestCfg function.

The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation, allowing authenticated attackers with subscriber-level access or higher to delete arbitrary files, potentially leading to remote code execution.

A heap buffer overflow vulnerability (CVE-2026-4675) exists in Google Chrome's WebGL implementation prior to version 146.0.7680.165, allowing a remote attacker to perform an out-of-bounds memory read via a specially crafted HTML page, potentially leading to information disclosure or arbitrary code execution.

Multiple vulnerabilities in Apache Tomcat can be exploited by a remote, authenticated or anonymous attacker to execute arbitrary code, bypass security measures, manipulate data, and cause a denial of service.

A remote, authenticated attacker can exploit an arbitrary file upload vulnerability in Census CSWeb 8.0.1 (CVE-2025-60947) to upload malicious files, potentially leading to remote code execution.

A stack-based buffer overflow vulnerability (CVE-2026-4567) exists in the UploadCfg function of the /cgi-bin/UploadCfg file in Tenda A15 firmware version 15.13.07.13, allowing remote attackers to execute arbitrary code by manipulating the File argument.

Multiple vulnerabilities in GStreamer allow a remote, anonymous attacker to cause a denial-of-service condition or execute arbitrary code.

CVE-2024-1708 is a path traversal vulnerability in ConnectWise ScreenConnect that could allow an attacker to execute remote code or directly impact confidential data and critical systems.

Xerte Online Toolkits 3.15 and earlier are vulnerable to relative path traversal, allowing attackers to move files and potentially achieve remote code execution.

A critical vulnerability, CVE-2025-62373, exists in Pipecat's LivekitFrameSerializer where the deserialize() method uses Python's pickle.loads() on WebSocket data without validation, allowing a malicious WebSocket client to execute arbitrary code on the Pipecat server if LivekitFrameSerializer is explicitly enabled.