Skip to main content

Ad Miner

1 CVEs product

Monthly

CVE-2026-14723 MEDIUM PATCH This Month

Unsafe deserialization in AD-Security AD_Miner 1.9.0 allows a local low-privilege attacker to achieve code execution by supplying a crafted serialized payload as the sys.argv[1] argument to the Cache Handler's request_a function in analyse_cache.py. The attack is strictly local with no network exposure, and impacts confidentiality, integrity, and availability at a low level within the vulnerable process. No public exploit has been identified; an upstream fix exists as GitHub PR #239 but awaits acceptance, meaning no released patched version is currently available.

Deserialization Ad Miner
NVD VulDB GitHub
CVSS 4.0
4.8
EPSS
0.1%
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Unsafe deserialization in AD-Security AD_Miner 1.9.0 allows a local low-privilege attacker to achieve code execution by supplying a crafted serialized payload as the sys.argv[1] argument to the Cache Handler's request_a function in analyse_cache.py. The attack is strictly local with no network exposure, and impacts confidentiality, integrity, and availability at a low level within the vulnerable process. No public exploit has been identified; an upstream fix exists as GitHub PR #239 but awaits acceptance, meaning no released patched version is currently available.

Deserialization Ad Miner
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy