Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-60232

Summary
Assigner-Patchstack
Assigner Org ID-21595511-bba5-4825-b968-b78d1f9984a3
Published At-22 Oct, 2025 | 14:32
Updated At-28 Apr, 2026 | 18:43
Rejected At-
Credits

WordPress KBx Pro Ultimate plugin <= 8.0.5 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in quantumcloud KBx Pro Ultimate knowledgebase-helpdesk-pro allows Object Injection.This issue affects KBx Pro Ultimate: from n/a through <= 8.0.5.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Patchstack
Assigner Org ID:21595511-bba5-4825-b968-b78d1f9984a3
Published At:22 Oct, 2025 | 14:32
Updated At:28 Apr, 2026 | 18:43
Rejected At:
▼CVE Numbering Authority (CNA)
WordPress KBx Pro Ultimate plugin <= 8.0.5 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in quantumcloud KBx Pro Ultimate knowledgebase-helpdesk-pro allows Object Injection.This issue affects KBx Pro Ultimate: from n/a through <= 8.0.5.

Affected Products
Vendor
quantumcloud
Product
KBx Pro Ultimate
Collection URL
https://wordpress.org/plugins
Package Name
knowledgebase-helpdesk-pro
Default Status
unaffected
Versions
Affected
  • From 0 through 8.0.5 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-502Deserialization of Untrusted Data
Type: CWE
CWE ID: CWE-502
Description: Deserialization of Untrusted Data
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-586Object Injection
CAPEC ID: CAPEC-586
Description: Object Injection
Solutions

Configurations

Workarounds

Exploits

Credits

finder
João Pedro S Alcântara (Kinorth) | Patchstack Bug Bounty Program
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://patchstack.com/database/Wordpress/Plugin/knowledgebase-helpdesk-pro/vulnerability/wordpress-kbx-pro-ultimate-plugin-8-0-5-php-object-injection-vulnerability?_s_id=cve
vdb-entry
Hyperlink: https://patchstack.com/database/Wordpress/Plugin/knowledgebase-helpdesk-pro/vulnerability/wordpress-kbx-pro-ultimate-plugin-8-0-5-php-object-injection-vulnerability?_s_id=cve
Resource:
vdb-entry
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:audit@patchstack.com
Published At:22 Oct, 2025 | 15:16
Updated At:20 Jan, 2026 | 15:17

Deserialization of Untrusted Data vulnerability in quantumcloud KBx Pro Ultimate knowledgebase-helpdesk-pro allows Object Injection.This issue affects KBx Pro Ultimate: from n/a through <= 8.0.5.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-502Secondaryaudit@patchstack.com
CWE ID: CWE-502
Type: Secondary
Source: audit@patchstack.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://patchstack.com/database/Wordpress/Plugin/knowledgebase-helpdesk-pro/vulnerability/wordpress-kbx-pro-ultimate-plugin-8-0-5-php-object-injection-vulnerability?_s_id=cveaudit@patchstack.com
N/A
Hyperlink: https://patchstack.com/database/Wordpress/Plugin/knowledgebase-helpdesk-pro/vulnerability/wordpress-kbx-pro-ultimate-plugin-8-0-5-php-object-injection-vulnerability?_s_id=cve
Source: audit@patchstack.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1008Records found

CVE-2024-22309
Matching Score-10
Assigner-Patchstack
ShareView Details
Matching Score-10
Assigner-Patchstack
CVSS Score-8.7||HIGH
EPSS-0.52% / 40.26%
||
7 Day CHG~0.00%
Published-24 Jan, 2024 | 11:42
Updated-28 Apr, 2026 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress ChatBot Plugin <= 5.1.0 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in QuantumCloud ChatBot with AI.This issue affects ChatBot with AI: from n/a through 5.1.0.

Action-Not Available
Vendor-quantumcloudQuantumCloud
Product-wpbotChatBot with AI
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2023-1650
Matching Score-10
Assigner-WPScan
ShareView Details
Matching Score-10
Assigner-WPScan
CVSS Score-9.8||CRITICAL
EPSS-34.35% / 98.21%
||
7 Day CHG~0.00%
Published-08 May, 2023 | 13:58
Updated-12 May, 2025 | 15:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ChatBot < 4.4.7 - Unauthenticated PHP Object Injection

The AI ChatBot WordPress plugin before 4.4.7 unserializes user input from cookies via an AJAX action available to unauthenticated users, which could allow them to perform PHP Object Injection when a suitable gadget is present on the blog

Action-Not Available
Vendor-quantumcloudUnknown
Product-wpbotAI ChatBot
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2025-53580
Matching Score-8
Assigner-Patchstack
ShareView Details
Matching Score-8
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.34% / 26.48%
||
7 Day CHG~0.00%
Published-20 Aug, 2025 | 08:03
Updated-28 Apr, 2026 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Simple Business Directory Pro Plugin < 15.6.9 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro simple-business-directory-pro allows Privilege Escalation.This issue affects Simple Business Directory Pro: from n/a through < 15.6.9.

Action-Not Available
Vendor-quantumcloud
Product-Simple Business Directory Pro
CWE ID-CWE-266
Incorrect Privilege Assignment
CVE-2025-49901
Matching Score-8
Assigner-Patchstack
ShareView Details
Matching Score-8
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.70% / 48.72%
||
7 Day CHG~0.00%
Published-22 Oct, 2025 | 14:32
Updated-28 Apr, 2026 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Simple Link Directory plugin < 14.8.1 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in quantumcloud Simple Link Directory qc-simple-link-directory allows Authentication Abuse.This issue affects Simple Link Directory: from n/a through < 14.8.1.

Action-Not Available
Vendor-quantumcloud
Product-Simple Link Directory
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2025-31918
Matching Score-8
Assigner-Patchstack
ShareView Details
Matching Score-8
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 34.19%
||
7 Day CHG~0.00%
Published-23 May, 2025 | 12:44
Updated-12 May, 2026 | 00:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Simple Business Directory Pro plugin < 15.6.9 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro simple-business-directory-pro allows Privilege Escalation.This issue affects Simple Business Directory Pro: from n/a through < 15.6.9.

Action-Not Available
Vendor-quantumcloud
Product-Simple Business Directory Pro
CWE ID-CWE-266
Incorrect Privilege Assignment
CVE-2023-5533
Matching Score-8
Assigner-Wordfence
ShareView Details
Matching Score-8
Assigner-Wordfence
CVSS Score-5.3||MEDIUM
EPSS-0.53% / 40.93%
||
7 Day CHG~0.00%
Published-20 Oct, 2023 | 07:29
Updated-08 Apr, 2026 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AI ChatBot <= 4.8.9 and 4.9.2 - Missing Authorization on AJAX actions

The AI ChatBot plugin for WordPress is vulnerable to unauthorized use of AJAX actions due to missing capability checks on the corresponding functions in versions up to, and including, 4.8.9 as well as 4.9.2. This makes it possible for unauthenticated attackers to perform some of those actions that were intended for higher privileged users.

Action-Not Available
Vendor-quantumcloudquantumcloud
Product-wpbotWPBot – AI ChatBot for Live Support, Lead Generation, AI Services
CWE ID-CWE-862
Missing Authorization
CVE-2022-0760
Matching Score-8
Assigner-WPScan
ShareView Details
Matching Score-8
Assigner-WPScan
CVSS Score-9.8||CRITICAL
EPSS-10.82% / 95.31%
||
7 Day CHG~0.00%
Published-21 Mar, 2022 | 18:56
Updated-02 Aug, 2024 | 23:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Simple Link Directory < 7.7.2 - Unauthenticated SQL injection

The Simple Link Directory WordPress plugin before 7.7.2 does not validate and escape the post_id parameter before using it in a SQL statement via the qcopd_upvote_action AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL Injection

Action-Not Available
Vendor-quantumcloudUnknown
Product-simple_link_directorySimple Link Directory
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-0747
Matching Score-8
Assigner-WPScan
ShareView Details
Matching Score-8
Assigner-WPScan
CVSS Score-9.8||CRITICAL
EPSS-15.25% / 96.36%
||
7 Day CHG~0.00%
Published-21 Mar, 2022 | 18:56
Updated-02 Aug, 2024 | 23:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Infographic Maker - iList < 4.3.8 - Unauthenticated SQL Injection

The Infographic Maker WordPress plugin before 4.3.8 does not validate and escape the post_id parameter before using it in a SQL statement via the qcld_upvote_action AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL Injection

Action-Not Available
Vendor-quantumcloudUnknown
Product-infographic_makerInfographic Maker – iList
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-6809
Matching Score-8
Assigner-WPScan
ShareView Details
Matching Score-8
Assigner-WPScan
CVSS Score-9.8||CRITICAL
EPSS-0.56% / 42.27%
||
7 Day CHG~0.00%
Published-15 May, 2025 | 20:07
Updated-05 Jun, 2025 | 14:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Simple Video Directory < 1.4.3 - Unauthenticated SQLi

The Simple Video Directory WordPress plugin before 1.4.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.

Action-Not Available
Vendor-quantumcloudUnknown
Product-simple_video_directorySimple Video Directory
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2023-5204
Matching Score-8
Assigner-Wordfence
ShareView Details
Matching Score-8
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-6.89% / 93.28%
||
7 Day CHG~0.00%
Published-19 Oct, 2023 | 05:34
Updated-08 Apr, 2026 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AI ChatBot <= 4.8.9 - Unauthenticated SQL Injection via qc_wpbo_search_response

The ChatBot plugin for WordPress is vulnerable to SQL Injection via the $strid parameter in versions up to, and including, 4.8.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Action-Not Available
Vendor-quantumcloudquantumcloud
Product-wpbotWPBot – AI ChatBot for Live Support, Lead Generation, AI Services
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-30221
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-5.4||MEDIUM
EPSS-0.46% / 37.00%
||
7 Day CHG~0.00%
Published-28 Mar, 2024 | 05:07
Updated-11 May, 2026 | 20:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Sunshine Photo Cart plugin <= 3.1.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo Cart: from n/a through <= 3.1.1.

Action-Not Available
Vendor-sunshinephotocartsunshinephotocart
Product-sunshine_photo_cartSunshine Photo Cart
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2019-20330
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-8.64% / 94.45%
||
7 Day CHG~0.00%
Published-03 Jan, 2020 | 03:35
Updated-05 Aug, 2024 | 02:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.

Action-Not Available
Vendor-n/aDebian GNU/LinuxOracle CorporationFasterXML, LLC.NetApp, Inc.
Product-global_lifecycle_management_opatchretail_sales_auditcommunications_contacts_serverprimavera_unifiercommunications_cloud_native_core_network_slice_selection_functiononcommand_api_servicescommunications_billing_and_revenue_managementsiebel_engineering_-_installer_\&_deploymentjd_edwards_enterpriseone_orchestratorsiebel_ui_frameworkcommunications_network_charging_and_controlactive_iq_unified_managerbanking_platformcommunications_instant_messaging_serverretail_merchandising_systemsnapcentersteelstore_cloud_integrated_storagedebian_linuxweblogic_serverjackson-databindtrace_file_analyzergoldengate_stream_analyticsretail_xstore_point_of_servicecustomer_management_and_segmentation_foundationcommunications_evolved_communications_application_servergoldengate_application_adaptersservice_level_managerjd_edwards_enterpriseone_toolsenterprise_manager_base_platformwebcenter_portaln/a
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-31094
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-8.5||HIGH
EPSS-0.55% / 42.05%
||
7 Day CHG~0.00%
Published-31 Mar, 2024 | 18:03
Updated-28 Apr, 2026 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Filter Custom Fields & Taxonomies Light plugin <= 1.05 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Filter Custom Fields & Taxonomies Light.This issue affects Filter Custom Fields & Taxonomies Light: from n/a through 1.05.

Action-Not Available
Vendor-Filter Custom Fields & Taxonomies Lightfilter_custom_fields_and_taxonomies_light
Product-Filter Custom Fields & Taxonomies Lightfilter_custom_fields_and_taxonomies_light
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-3070
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-1.16% / 63.22%
||
7 Day CHG~0.00%
Published-09 May, 2024 | 20:03
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Last Viewed Posts by WPBeginner <= 1.0.0 - Unauthenticated PHP Object Injection

The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input from the LastViewedPosts Cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

Action-Not Available
Vendor-jottlieb
Product-Last Viewed Posts by WPBeginner
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-28861
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.53% / 71.75%
||
7 Day CHG~0.00%
Published-22 Mar, 2024 | 16:43
Updated-05 Dec, 2025 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gadget chain in Symfony 1 due to uncontrolled unserialized input in sfNamespacedParameterHolder

Symfony 1 is a community-driven fork of the 1.x branch of Symfony, a PHP framework for web projects. Starting in version 1.1.0 and prior to version 1.5.19, Symfony 1 has a gadget chain due to dangerous deserialization in `sfNamespacedParameterHolder` class that would enable an attacker to get remote code execution if a developer deserializes user input in their project. Version 1.5.19 contains a patch for the issue.

Action-Not Available
Vendor-friendsofsymfony1FriendsOfSymfony1friends_of_symfony_project
Product-symfony1symfony1fosuserbundle
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-29847
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-10||CRITICAL
EPSS-52.91% / 98.84%
||
7 Day CHG~0.00%
Published-12 Sep, 2024 | 01:09
Updated-17 Sep, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution.

Action-Not Available
Vendor-Ivanti Software
Product-endpoint_managerEPMendpoint_manager
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-27604
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.04% / 59.74%
||
7 Day CHG~0.00%
Published-02 Apr, 2024 | 00:00
Updated-27 Mar, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Alldata V0.4.6 is vulnerable to Command execution vulnerability. System commands can be deserialized.

Action-Not Available
Vendor-alldatan/a
Product-alldatan/a
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-28211
Matching Score-4
Assigner-Naver Corporation
ShareView Details
Matching Score-4
Assigner-Naver Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.80% / 51.99%
||
7 Day CHG~0.00%
Published-07 Mar, 2024 | 04:49
Updated-07 May, 2025 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

nGrinder before 3.5.9 allows connection to malicious JMX/RMI server by default, which could be the cause of executing arbitrary code via RMI registry by remote attacker.

Action-Not Available
Vendor-naverNAVERnaver
Product-ngrindernGrinderngrinder
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-28212
Matching Score-4
Assigner-Naver Corporation
ShareView Details
Matching Score-4
Assigner-Naver Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.03% / 59.38%
||
7 Day CHG~0.00%
Published-07 Mar, 2024 | 04:49
Updated-07 May, 2025 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

nGrinder before 3.5.9 uses old version of SnakeYAML, which could allow remote attacker to execute arbitrary code via unsafe deserialization.

Action-Not Available
Vendor-naverNAVERnaver
Product-ngrindernGrinderngrinder
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2016-1000027
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-32.26% / 98.11%
||
7 Day CHG~0.00%
Published-02 Jan, 2020 | 00:00
Updated-06 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required. NOTE: the vendor's position is that untrusted data is not an intended use case. The product's behavior will not be changed because some users rely on deserialization of trusted data.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)
Product-spring_frameworkn/a
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2019-20477
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-5.03% / 91.22%
||
7 Day CHG~0.00%
Published-19 Feb, 2020 | 03:09
Updated-05 Aug, 2024 | 02:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-18342.

Action-Not Available
Vendor-pyyamln/aFedora Project
Product-fedorapyyamln/a
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-7637
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.57% / 43.13%
||
7 Day CHG~0.00%
Published-20 May, 2026 | 02:27
Updated-20 May, 2026 | 12:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Boost <= 2.0.3 - Unauthenticated PHP Object Injection via STYXKEY-BOOST_USER_LOCATION Cookie

The Boost plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.0.3 via deserialization of untrusted input in the STYXKEY-BOOST_USER_LOCATION cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present.

Action-Not Available
Vendor-PixelYourSite
Product-Boost
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-7858
Matching Score-4
Assigner-Dassault Systèmes
ShareView Details
Matching Score-4
Assigner-Dassault Systèmes
CVSS Score-9.8||CRITICAL
EPSS-0.54% / 41.61%
||
7 Day CHG~0.00%
Published-01 Jun, 2026 | 07:45
Updated-01 Jun, 2026 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release 2022x through No Magic Release 2026x and Magic Collaboration Studio from CATIA Magic Release 2022x through CATIA Magic Release 2026x

A Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release 2022x through No Magic Release 2026x and Magic Collaboration Studio from CATIA Magic Release 2022x through CATIA Magic Release 2026x could lead to an unauthenticated remote code execution.

Action-Not Available
Vendor-Dassault Systèmes S.E. (3DS)
Product-Magic Collaboration StudioTeamwork Cloud - Enterprise EditionTeamwork Cloud - Business EditionTeamwork Cloud - Business Pro EditionTeamwork Cloud - Standard Edition
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2018-0147
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-18.55% / 96.90%
||
7 Day CHG~0.00%
Published-08 Mar, 2018 | 07:00
Updated-14 Jan, 2026 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-15||Apply updates per vendor instructions.

A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to release 5.8 patch 9 could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a crafted serialized Java object. An exploit could allow the attacker to execute arbitrary commands on the device with root privileges. Cisco Bug IDs: CSCvh25988.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-secure_access_control_systemCisco Secure Access Control SystemSecure Access Control System (ACS)
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-7301
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.40% / 31.95%
||
7 Day CHG~0.00%
Published-18 May, 2026 | 10:38
Updated-19 May, 2026 | 13:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE-2026-7301

SGLangs multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads() on incoming messages, enabling RCE when exposed to the internet.

Action-Not Available
Vendor-lmsysSGLang
Product-sglangSGLang
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-8024
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-9.3||CRITICAL
EPSS-0.55% / 42.14%
||
7 Day CHG~0.00%
Published-18 Jun, 2026 | 09:43
Updated-18 Jun, 2026 | 14:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Deserialization vulnerability in ibaPDA and ibaDatCoordinator

A remote, unauthenticated attacker may exploit a deserialization of untrusted data vulnerability in ibaPDA or ibaDatCoordinator to gain full access to the affected systems.

Action-Not Available
Vendor-iba
Product-ibaPDAibaDatCoordinator
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-6023
Matching Score-4
Assigner-Progress Software Corporation
ShareView Details
Matching Score-4
Assigner-Progress Software Corporation
CVSS Score-8.1||HIGH
EPSS-0.54% / 41.42%
||
7 Day CHG~0.00%
Published-22 Apr, 2026 | 07:13
Updated-05 May, 2026 | 18:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Deserialization of Untrusted Data Vulnerability in Telerik UI for ASP.NET AJAX

In Progress® Telerik® UI for AJAX versions 2024.4.1114 through 2026.1.421, the RadFilter control is vulnerable to insecure deserialization when restoring filter state if the state is exposed to the client. If an attacker tampers with this state, a server-side remote code execution is possible.

Action-Not Available
Vendor-Progress Software Corporation
Product-telerik_ui_for_asp.net_ajaxTelerik UI for ASP.NET AJAX
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2019-19230
Matching Score-4
Assigner-CA Technologies - A Broadcom Company
ShareView Details
Matching Score-4
Assigner-CA Technologies - A Broadcom Company
CVSS Score-9.8||CRITICAL
EPSS-3.76% / 88.58%
||
7 Day CHG~0.00%
Published-09 Dec, 2019 | 20:36
Updated-17 Sep, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary code.

Action-Not Available
Vendor-Broadcom Inc.Linux Kernel Organization, IncMicrosoft Corporation
Product-noliowindowslinux_kernelCA Release Automation
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2025-43850
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.9||HIGH
EPSS-0.76% / 50.65%
||
7 Day CHG~0.00%
Published-05 May, 2025 | 18:20
Updated-01 Aug, 2025 | 16:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GHSL-2025-020_Retrieval-based-Voice-Conversion-WebUI

Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpt_dir variable takes user input (e.g. a path to a model) and passes it to the change_info function in export.py, which uses it to load the model on that path with torch.load, which can lead to unsafe deserialization and remote code execution. As of time of publication, no known patches exist.

Action-Not Available
Vendor-rvc-projectRVC-Project
Product-retrieval-based-voice-conversion-webuiRetrieval-based-Voice-Conversion-WebUI
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-56121
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.86% / 54.12%
||
7 Day CHG+0.11%
Published-24 Jun, 2026 | 14:49
Updated-30 Jun, 2026 | 12:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Feast < 0.63.0 Unauthenticated RCE via ApplyFeatureView gRPC Deserialization

Feast before 0.63.0 contains an unsafe deserialization vulnerability that allows unauthenticated or unauthorized attackers to achieve remote code execution by sending a crafted gRPC request to the registry server. The user_defined_function.body field of an OnDemandFeatureView spec is decoded from base64 and passed to dill.loads() before any authorization check is performed, enabling attackers to embed a malicious serialized Python object with an arbitrary __reduce__ method to execute OS commands as the feast service account.

Action-Not Available
Vendor-feast-devRed Hat, Inc.
Product-feastRed Hat OpenShift AI (RHOAI)
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-58126
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.75% / 50.47%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 14:39
Updated-02 Jul, 2026 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PACSgear PACS Scan 5.2.1 Unauthenticated RCE via .NET Remoting TCP Service

PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to read and write arbitrary files by exploiting an exposed .NET Remoting TCP service on port 22222 via PGImageExchQueue.exe without any authentication requirement. Attackers can chain the arbitrary file write primitive with DLL hijacking in PGImageExchangeQueueSvc.exe, which loads missing DLLs such as CRYPTSP.DLL from the application directory, to achieve remote code execution as NT Authority\SYSTEM upon service restart.

Action-Not Available
Vendor-Hyland
Product-PACSgear PACS Scan
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-57677
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.34% / 25.56%
||
7 Day CHG~0.00%
Published-02 Jul, 2026 | 11:15
Updated-02 Jul, 2026 | 13:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Novalnet Payment Gateway for WooCommerce plugin <= 12.10.3 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Novalnet Payment Gateway for WooCommerce <= 12.10.3 versions.

Action-Not Available
Vendor-Novalnet
Product-Novalnet Payment Gateway for WooCommerce
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-58127
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.78% / 51.41%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 14:41
Updated-02 Jul, 2026 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PACSgear MediaWriter 5.2.1 Unauthenticated RCE via .NET Remoting TCP Service

PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any authentication requirement. By exploiting the MarshalByRefObject object unmarshalling technique and implementing .NET WebClient class methods, an unauthenticated remote attacker can read and write arbitrary files on the host filesystem. The ObjectURIs are identical across all installations by default. Chaining the arbitrary file write primitive with DLL hijacking opportunities in the MediaWriter service (which runs as NT Authority\\SYSTEM and loads missing DLLs such as CRYPTBASE.DLL from the application directory) enables unauthenticated remote code execution as SYSTEM upon service restart.

Action-Not Available
Vendor-Hyland
Product-PACSgear MediaWriter
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2019-18956
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-5.76% / 92.17%
||
7 Day CHG~0.00%
Published-17 Dec, 2019 | 15:08
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Divisa Proxia Suite 9 < 9.12.16, 9.11.19, 9.10.26, 9.9.8, 9.8.43 and 9.7.10, 10.0 < 10.0.32, and 10.1 < 10.1.5, SparkSpace 1.0 < 1.0.30, 1.1 < 1.1.2, and 1.2 < 1.2.4, and Proxia PHR 1.0 < 1.0.30 and 1.1 < 1.1.2 allows remote code execution via untrusted Java deserialization. The proxia-error cookie is insecurely deserialized in every request (GET or POST). Thus, an unauthenticated attacker can easily craft a seria1.0lized payload in order to execute arbitrary code via the prepareError function in the com.divisait.dv2ee.controller.MVCControllerServlet class of the dv2eemvc.jar component. allows remote code execution via untrusted Java deserialization. The proxia-error cookie is insecurely deserialized in every request (GET or POST). Thus, an unauthenticated attacker can easily craft a serialized payload in order to execute arbitrary code via the prepareError function in the com.divisait.dv2ee.controller.MVCControllerServlet class of the dv2eemvc.jar component. Affected products include Proxia Premium Edition 2017 and Sparkspace.

Action-Not Available
Vendor-divisaitn/a
Product-sparkspacedv2eemvcproxia_phrproxia_suiten/a
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-56057
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 34.28%
||
7 Day CHG~0.00%
Published-26 Jun, 2026 | 14:52
Updated-26 Jun, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Uncanny Automator Pro plugin <= 7.3.0.6 - PHP Object Injection vulnerability

Subscriber PHP Object Injection in Uncanny Automator Pro <= 7.3.0.6 versions.

Action-Not Available
Vendor-Uncanny Owl Inc.
Product-Uncanny Automator Pro
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-53874
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.52% / 40.29%
||
7 Day CHG~0.00%
Published-17 Jun, 2026 | 15:05
Updated-23 Jun, 2026 | 03:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
picklescan - Arbitrary Code Execution via Obfuscated eval Call

picklescan before 1.0.1 contains an unsafe deserialization vulnerability allowing unauthenticated users to execute arbitrary code by hiding eval calls nested under callable objects via getattr. Attackers can embed malicious code in pickle files that evades detection but executes when the pickle is loaded from untrusted sources.

Action-Not Available
Vendor-picklescan
Product-picklescan
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-53914
Matching Score-4
Assigner-JetBrains s.r.o.
ShareView Details
Matching Score-4
Assigner-JetBrains s.r.o.
CVSS Score-6.7||MEDIUM
EPSS-0.20% / 9.46%
||
7 Day CHG~0.00%
Published-26 Jun, 2026 | 13:01
Updated-27 Jun, 2026 | 19:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization in the build cache metadata

Action-Not Available
Vendor-JetBrains s.r.o.
Product-kotlinKotlin
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-54194
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 30.61%
||
7 Day CHG~0.00%
Published-16 Jun, 2026 | 20:56
Updated-17 Jun, 2026 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Fusion Builder plugin <= 3.15.4 - PHP Object Injection vulnerability

Contributor PHP Object Injection in Fusion Builder <= 3.15.4 versions.

Action-Not Available
Vendor-Avada (ThemeFusion)
Product-Fusion Builder
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2003-0791
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.12% / 79.66%
||
7 Day CHG~0.00%
Published-14 Apr, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.

Action-Not Available
Vendor-scon/aMozilla Corporation
Product-openservermozillan/a
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-54806
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.59% / 43.80%
||
7 Day CHG~0.00%
Published-17 Jun, 2026 | 09:51
Updated-17 Jun, 2026 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WP Activity Log plugin <= 5.6.3.1 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in WP Activity Log <= 5.6.3.1 versions.

Action-Not Available
Vendor-Melapress
Product-WP Activity Log
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-53805
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.69% / 48.09%
||
7 Day CHG~0.00%
Published-17 Jun, 2026 | 16:44
Updated-23 Jun, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NVIDIA SIL GEN3C Unauthenticated RCE via Pickle Deserialization in Inference API

NVIDIA Spatial Intelligence Lab's (SIL) GEN3C contains an unauthenticated remote code execution vulnerability in the inference API server where the /request-inference and /seed-model endpoints deserialize raw HTTP request bodies using Python's pickle.loads() without authentication or input validation. Attackers can supply a crafted payload containing a __reduce__ gadget to the inference API port to achieve remote code execution as the inference process.

Action-Not Available
Vendor-nv-tlabs
Product-GEN3C
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2019-18935
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-99.74% / 99.95%
||
7 Day CHG~0.00%
Published-11 Dec, 2019 | 00:00
Updated-07 Nov, 2025 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Exploitation can result in remote code execution. (As of 2020.1.114, a default setting prevents the exploit. In 2019.3.1023, but not earlier versions, a non-default setting can prevent exploitation.)

Action-Not Available
Vendor-n/aTelerikProgress Software Corporation
Product-ui_for_asp.net_ajaxn/aTelerik UI for ASP.NET AJAX
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2015-8103
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-86.83% / 99.72%
||
7 Day CHG~0.00%
Published-25 Nov, 2015 | 20:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to execute arbitrary code via a crafted serialized Java object, related to a problematic webapps/ROOT/WEB-INF/lib/commons-collections-*.jar file and the "Groovy variant in 'ysoserial'".

Action-Not Available
Vendor-n/aJenkinsRed Hat, Inc.
Product-jenkinsopenshift_container_platformn/a
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-51947
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.13% / 62.46%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 00:00
Updated-02 Jul, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in Pivotal CRM 6.6.4.08 and systems using patch-ghi-15381-cwe-502-20251225.zip (fixed in Pivotal CRM 6.6.5.10 and Patch_CWE502_20260316.zip) allows a remote attacker to execute arbitrary code via the Pivotal.Engine.Client.Services.Conversion.dll component. NOTE: this issue exists because of an incomplete fix for CVE-2026-39253.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2025-61622
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-41.25% / 98.50%
||
7 Day CHG-8.27%
Published-01 Oct, 2025 | 09:55
Updated-03 Dec, 2025 | 21:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Fory, Apache Fory: Python RCE via unguarded pickle fallback serializer in pyfory

Deserialization of untrusted data in python in pyfory versions 0.12.0 through 0.12.2, or the legacy pyfury versions from 0.1.0 through 0.10.3: allows arbitrary code execution. An application is vulnerable if it reads pyfory serialized data from untrusted sources. An attacker can craft a data stream that selects pickle-fallback serializer during deserialization, leading to the execution of `pickle.loads`, which is vulnerable to remote code execution. Users are recommended to upgrade to pyfory version 0.12.3 or later, which has removed pickle fallback serializer and thus fixes this issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-foryApache Fory
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-49768
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.38% / 30.28%
||
7 Day CHG~0.00%
Published-15 Jun, 2026 | 20:19
Updated-16 Jun, 2026 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Happyforms plugin <= 1.26.13 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Happyforms <= 1.26.13 versions.

Action-Not Available
Vendor-Happyforms
Product-Happyforms
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-52706
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 37.08%
||
7 Day CHG~0.00%
Published-17 Jun, 2026 | 09:51
Updated-17 Jun, 2026 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress JetEngine plugin <= 3.8.10 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in JetEngine <= 3.8.10 versions.

Action-Not Available
Vendor-Jetimpex Inc.
Product-JetEngine
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-49769
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.38% / 30.27%
||
7 Day CHG~0.00%
Published-15 Jun, 2026 | 20:19
Updated-16 Jun, 2026 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress wpForo Forum plugin <= 3.1.0 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in wpForo Forum <= 3.1.0 versions.

Action-Not Available
Vendor-Tomdever
Product-wpForo Forum
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-49765
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-9.8||CRITICAL
EPSS-0.38% / 30.28%
||
7 Day CHG~0.00%
Published-15 Jun, 2026 | 20:19
Updated-16 Jun, 2026 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.1.8 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.8 versions.

Action-Not Available
Vendor-CRM Perks
Product-Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2023-47507
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-7.1||HIGH
EPSS-0.39% / 30.77%
||
7 Day CHG~0.00%
Published-20 Dec, 2023 | 13:25
Updated-28 Apr, 2026 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Master Slider Pro Plugin <= 3.6.5 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in Master Slider Master Slider Pro.This issue affects Master Slider Pro: from n/a through 3.6.5.

Action-Not Available
Vendor-Master SliderDepicter (Averta)
Product-master_slider_proMaster Slider Pro
CWE ID-CWE-502
Deserialization of Untrusted Data
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 20
  • 21
  • Next
Details not found