BBLabs NewsBBLabs News
NewsAll articlesTopics
ES
  1. Home
  2. ›
  3. Glossary
  4. ›
  5. RCE
CVE

RCERemote Code Execution

Definition

Vulnerability that lets a remote attacker run arbitrary code on the vulnerable system. The highest-severity category — and the most-hunted in bug bounty.

RCE means the attacker sends payloads over the network and gets the target server to execute their code (shell, file read/write, pivot to other hosts). It doesn't necessarily require physical access or valid credentials.

Typical vectors: insecure deserialization (Java, .NET, Python pickle), command injection (unsanitized subprocess), SSTI (template injection), file upload with PHP/ASP execution, vulnerabilities in parsers (XML, image, PDF). In CVSS, unauthenticated RCE without user interaction usually scores ≥ 9.0.

Not to be confused with LPE (Local Privilege Escalation), where you already have access but want to elevate to root.

Related terms

  • LPE
  • SSRF
  • CVSS
  • CVE

Latest articles on CVE

  • →CVE-2026-31635 DirtyDecrypt: public PoC for Linux kernel LPE
  • →SharePoint RCE CVE-2026-45659 patched — CVSS 8.8
  • →CVE-2026-34926: Apex One zero-day actively exploited

Interested in CVE?

Get one technical story a day on cve — curated, summarised, actionable.

Subscribe
BBLabs NewsBBLabs News

Una historia al día. Cero ruido.

Newsletter técnica de ciberseguridad, vulnerabilidades, IA y bug bounty. Para gente que se toma en serio no perder el tiempo.

Conecta

Comunidad

  • Discord BBLabsÚnete a la comunidad
  • Discord Bug Bounty EspañaComunidad BB Es

Síguenos

  • YouTube · 0xGorkaCyber, hacking y bug bounty
  • Instagram · @bblabs.esLo último del proyecto

Contacto

team@bblabs.esEscríbenos para lo que sea

Para feedback, partnerships o reportar un bug en la web. Respondemos rápido.

Acerca de·Temas·Glosario·RSS·Privacidad·Términos
© 2026 BBLabs News·Por Gorka El Bochi
Hecho en España