Arbitrary Code Execution

Arbitrary code execution is a critical vulnerability in which an attacker can force a contract to execute unauthorized logic. It often occurs when a contract lets users supply an arbitrary target address for a low-level call or delegatecall.

By pointing the call at a malicious contract, the attacker can execute any function within that contract, potentially leading to the theft of funds or the destruction of contract state. This vulnerability is the foundation of many high-profile DeFi hacks.

To prevent this, developers must use strict allow-lists for external calls and ensure that user-provided inputs are never used to determine the destination of a call. Security requires minimizing the attack surface and strictly controlling the flow of execution.
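The pattern described above, shown as a vulnerable contract beside an allow-listed one. This is an added example, not code from any audited project; the contract names, function names, and module-id scheme are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; all names here are hypothetical.

// Vulnerable: the caller chooses both the destination and the calldata.
contract VulnerableExecutor {
    address public owner;

    constructor() payable { owner = msg.sender; }

    function execute(address target, bytes calldata data) external returns (bytes memory) {
        // delegatecall runs target's code against THIS contract's storage and
        // balance, so a caller-supplied target can rewrite `owner` or move funds.
        (bool ok, bytes memory ret) = target.delegatecall(data);
        require(ok, "call failed");
        return ret;
    }
}

// Hardened: the destination is looked up in an owner-managed allow-list.
// User input selects an id, never an address.
contract AllowListedExecutor {
    // immutable values live in bytecode, not storage, so code reached through
    // delegatecall cannot overwrite the owner.
    address public immutable owner;
    mapping(bytes32 => address) public modules; // module id => vetted implementation

    event ModuleSet(bytes32 indexed id, address impl);

    constructor() payable { owner = msg.sender; }

    function setModule(bytes32 id, address impl) external {
        require(msg.sender == owner, "not owner");
        // address(0) removes an entry; anything else must be deployed code.
        require(impl == address(0) || impl.code.length > 0, "not a contract");
        modules[id] = impl;
        emit ModuleSet(id, impl);
    }

    function execute(bytes32 id, bytes calldata data) external returns (bytes memory) {
        address target = modules[id];
        require(target != address(0), "module not allow-listed");
        // Still a delegatecall: allow-listed modules share this contract's
        // storage, so each one must be reviewed before setModule is called.
        (bool ok, bytes memory ret) = target.delegatecall(data);
        require(ok, "call failed");
        return ret;
    }
}
```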
