Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

JasperReports Library Professional

Source -

CNA

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2026-6009
Assigner-db6d2600-d19b-4111-a010-f3c4ed70cd50
ShareView Details
Assigner-db6d2600-d19b-4111-a010-f3c4ed70cd50
CVSS Score-8.7||HIGH
EPSS-0.48% / 37.43%
||
7 Day CHG~0.00%
Published-19 May, 2026 | 17:23
Updated-20 May, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Jaspersoft Library Deserialisation Vulnerability

Java Deserialisation Vulnerability in Jaspersoft Reports Library leads to Remote Code Execution (RCE), potentially allowing code execution on the affected system

Action-Not Available
Vendor-Jaspersoft (Cloud Software Group, Inc.)
Product-JasperReports ServerJaspersoft Studio ProfessionalJasperReports IO At-ScaleJasperReports Library Community EditionJasperReports Library ProfessionalJasperReports Web StudioJasperReports IO ProfessionalJaspersoft Studio Community Edition
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2025-10492
Assigner-db6d2600-d19b-4111-a010-f3c4ed70cd50
ShareView Details
Assigner-db6d2600-d19b-4111-a010-f3c4ed70cd50
CVSS Score-8.7||HIGH
EPSS-0.88% / 54.32%
||
7 Day CHG~0.00%
Published-16 Sep, 2025 | 16:41
Updated-10 Feb, 2026 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Jaspersoft Library Deserialisation Vulnerability

A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library

Action-Not Available
Vendor-Jaspersoft (Cloud Software Group, Inc.)Cloud Software Group, Inc.
Product-jasperreports_web_studiojasperreports_iojasperreports_studiojasperreports_libraryjasperreports_serverJaspersoft Studio Community EditionJasperReports ServerJaspersoft Studio ProfessionalJasperReports Library ProfessionalJasperReports IO ProfessionalJasperReports IO At-ScaleJasperReports Library Community EditionJasperReports Web Studio
CWE ID-CWE-502
Deserialization of Untrusted Data