rce
Safeguard articles tagged "rce" — guides, analysis, and best practices for software supply chain and application security.
80 articles
Apache Struts (CVE-2017-5638) Explained: The OGNL Header That Breached Equifax
CVE-2017-5638 let attackers run commands on Apache Struts 2 servers through a crafted Content-Type header. It is the unpatched flaw behind the Equifax breach. Here is the OGNL mechanism.
PaperCut CVE-2023-27350 Explained: Auth Bypass to Unauthenticated RCE
CVE-2023-27350 is an authentication bypass in PaperCut MF and NG that hands an attacker admin access and remote code execution, rated CVSS 9.8. Here is the timeline, root cause, and how to remediate.
ProxyShell (CVE-2021-34473) Explained: The Exchange Path Confusion Behind a Pre-Auth RCE Chain
CVE-2021-34473 is the path-confusion flaw at the head of ProxyShell — a three-bug Microsoft Exchange chain that took unauthenticated attackers all the way to remote code execution.
Spring4Shell (CVE-2022-22965) Explained: RCE Through Spring Data Binding
CVE-2022-22965, Spring4Shell, let attackers write a JSP web shell to Spring MVC apps on JDK 9+ by abusing data binding. Here is the ClassLoader trick and the exact conditions required.
What is Insecure Deserialization? A Developer's Guide
Insecure deserialization turns a trusted data-loading routine into a remote code execution primitive. Learn how gadget chains work and how to deserialize untrusted data safely.
What Is SSTI (Server-Side Template Injection)?
SSTI happens when user input is compiled as template code instead of rendered as data, often leading straight to remote code execution. Here is how to prevent it.
ActiveMQ CVE-2023-46604 Explained: The OpenWire Deserialization RCE
CVE-2023-46604 is an unauthenticated remote code execution flaw in Apache ActiveMQ's OpenWire protocol, rated CVSS 10.0. Here is how it works, how ransomware crews weaponized it, and how to remediate.
Ghostcat: Apache Tomcat AJP File Read and RCE (CVE-2020-1938) Explained
CVE-2020-1938 turned Tomcat's default AJP connector into a file-disclosure and RCE primitive. Here's how the request-attribute abuse works and how to shut it down.
GitLab ExifTool RCE (CVE-2021-22205) Explained
An unauthenticated attacker could run code on a GitLab server just by uploading an image. The bug was not in GitLab at all — it was in ExifTool. Here is the full story.
ProxyLogon (CVE-2021-26855) Explained: The Exchange SSRF That Opened a Pre-Auth Door
CVE-2021-26855, ProxyLogon, is a server-side request forgery in Microsoft Exchange that let unauthenticated attackers impersonate the server — the first link in a chain to full remote code execution.
React Server Components RCE vulnerability advisory
CVE-2025-29927 lets attackers bypass Next.js middleware auth with a forged header — a chain that can escalate to full RCE on React Server Components apps.
CVE-2026-42945: A Buffer Overflow in NGINX's Rewrite Module Reaches Into Your Kubernetes Clusters (May 2026)
Disclosed May 17, 2026 with public PoC and in-the-wild activity, CVE-2026-42945 is a buffer overflow in NGINX's ngx_http_rewrite_module. It affects core NGINX and the ingress controllers that wrap it, putting cluster ingress in scope.