Deserialization
Monthly
wolfSSL versions up to 5.9.0 allow arbitrary memory deallocation via unsafe deserialization of poisoned session cache data. An attacker with high privileges who can inject a crafted session into the cache and trigger specific session restore API calls can cause memory corruption with availability impact. No public exploit code or active exploitation has been confirmed; the vulnerability requires precise conditions including local access, high privileges, and user interaction.
Remote code execution in Sonatype Nexus Repository 3.22.1-3.90.2 allows authenticated attackers with task creation permissions to execute arbitrary code via unsafe deserialization in the task management component. Exploitation bypasses the nexus.scripts.allowCreation security control, granting unauthorized code execution on the server. CVSS 9.4 (Critical). No public exploit identified at time of analysis. Attack requires low-privileged authentication (PR:L) and network access but no user interaction.
LangChain's f-string prompt-template validation allows information disclosure through attribute access and nested format-specifier injection in DictPromptTemplate and ImagePromptTemplate classes. Unauthenticated remote attackers can craft malicious template strings to expose internal object state, model context, or logs when templates are formatted with rich Python objects. Practical impact is limited to applications that accept untrusted template strings (not just variable values) and pass complex objects into template formatting; hardcoded templates and value-only user input are unaffected. Vendor-released patch available in langchain-core 0.3.84 and 1.2.28.
Unsafe YAML deserialization in PraisonAI allows remote code execution through malicious agent definition files. The AgentService.loadAgentFromFile method uses js-yaml.load without safe schema restrictions, permitting dangerous tags like !!js/function that execute arbitrary JavaScript. Unauthenticated attackers can upload crafted YAML files via API endpoints to achieve complete server compromise. Affects PraisonAI prior to v4.5.115. Publicly available exploit code exists via proof-of-concept demonstrating command execution.
Arbitrary code execution in Red Hat Quay via unsafe deserialization during resumable container image uploads affects multiple Quay 3.x deployments and Mirror Registry instances. An authenticated attacker with low privileges can tamper with intermediate upload data stored in the database to execute code on the Quay server, though exploitation requires high attack complexity and user interaction (CVSS 7.1). EPSS data not available; no public exploit identified at time of analysis, but the deserialization vulnerability class (CWE-502) is well-understood and frequently targeted.
PHP object injection in Everest Forms for WordPress (all versions ≤3.4.3) allows unauthenticated remote attackers to achieve critical system compromise. Attackers submit malicious serialized payloads through any public form field, which persist through sanitization into the wp_evf_entrymeta database table. When administrators view form entries, unsafe unserialize() without class restrictions processes the payload, enabling arbitrary code execution. CVSS 9.8 (Critical) reflects network-accessible attack requiring no authentication or user interaction. No active exploitation confirmed (not in CISA KEV); EPSS data not provided. Vendor-released patch available in version 3.4.4.
Remote code execution in IBM Langflow Desktop versions 1.6.0 through 1.8.2 allows authenticated attackers to execute arbitrary code via unsafe deserialization in the FAISS component. The vulnerability stems from an insecure default configuration that permits deserialization of untrusted data. With CVSS 8.8 (High) reflecting network accessibility, low complexity, and full impact on confidentiality, integrity, and availability, this represents a critical risk for organizations running affected versions. Vendor-released patch available through IBM security advisory. No public exploit identified at time of analysis, though the attack path is well-understood given the CWE-502 deserialization vulnerability class.
Arbitrary code execution in NVIDIA DALI (all versions prior to 2.0) allows local authenticated attackers with low privileges to execute malicious code by exploiting insecure deserialization of untrusted data, requiring user interaction. EPSS exploitation probability and KEV status data not available; no public exploit identified at time of analysis. The vulnerability affects NVIDIA's Data Loading Library, a critical component in AI/ML data preprocessing pipelines.
Remote code execution in OpenIdentityPlatform OpenAM 16.0.5 and earlier allows unauthenticated attackers to execute arbitrary OS commands via unsafe Java deserialization of the jato.clientSession HTTP parameter. This bypass exploits an unpatched deserialization sink in JATO's ClientSession.deserializeAttributes() that was overlooked when CVE-2021-35464 was mitigated. Attackers can target any JATO ViewBean endpoint with <jato:form> tags (commonly found in password reset pages) using a PriorityQueue→TemplatesImpl gadget chain with libraries bundled in OpenAM's WAR file. Vendor-released patch available in version 16.0.6 (GitHub commit 014007c). No public exploit code identified at time of analysis, but detailed technical writeup with gadget chain specifics has been published.
Buffer use-after-free in Apache Kafka Java producer client (versions ≤3.9.1, ≤4.0.1, ≤4.1.1) can silently route messages to incorrect topics when batch expiration races with in-flight network requests. CVSS 8.7 (High) with network-accessible attack vector and high complexity. CISA SSVC indicates no active exploitation, non-automatable attack, and partial technical impact. No public exploit identified at time of analysis. EPSS data not provided, but the combination of high CVSS, cross-scope impact (S:C), and dual confidentiality/integrity impact warrants prioritization for environments processing sensitive message streams.
Unsafe deserialization in pytries datrie through version 0.8.3 enables remote code execution when loading untrusted trie files via Trie.load(), Trie.read(), or Trie.__setstate__(). Unauthenticated remote attackers can exploit this vulnerability by crafting malicious serialized trie objects; publicly available exploit code exists, and the maintainers have not yet addressed the issue despite early notification.
Unsafe deserialization in FedML-AI FedML's gRPC server allows unauthenticated remote attackers to achieve confidentiality, integrity, and availability compromise through malicious payloads sent to the sendMessage function in versions up to 0.8.9. EPSS data not available; the absence of a CISA KEV listing indicates no confirmed active exploitation at time of analysis. Vendor unresponsive to coordinated disclosure attempts, raising concerns about patch availability and ongoing risk for production deployments of this federated machine learning framework.
Arbitrary code execution in pyload-ng via pickle deserialization allows non-admin users with SETTINGS and ADD permissions to write malicious session files and trigger unauthenticated RCE. Attackers redirect the download directory to Flask's session store (/tmp/pyLoad/flask), plant a crafted pickle payload as a predictable session filename, then trigger deserialization by sending any HTTP request with the corresponding session cookie. This bypasses CVE-2026-33509 fix controls because storage_folder was not added to ADMIN_ONLY_OPTIONS. No public exploit identified at time of analysis, though detailed proof-of-concept methodology is documented in the advisory. EPSS data not available for this recent CVE.
Unsafe deserialization in NASA cFS Pickle Module (versions up to 7.0.0) allows authenticated local attackers with low privileges to trigger remote code execution or information disclosure through the pickle.load() function. The vulnerability requires high attack complexity and local access, limiting its practical exploitation scope. Public exploit code is available, but the issue remains unpatched as of the last vendor update.
Unsafe deserialization in Roundcube Webmail's Redis/Memcache session handler allows unauthenticated remote attackers to write arbitrary files by crafting malicious session data. Affected versions include all 1.6.x before 1.6.14 and all 1.5.x before 1.5.14. While the CVSS score of 3.7 is low and attack complexity is high, the integrity impact (arbitrary file write) poses a real risk to instances using Redis or Memcache for session storage.
Remote Code Execution in Group-Office enterprise CRM via insecure deserialization allows authenticated attackers to write arbitrary files and execute code on the server. Affects all versions prior to 6.8.156, 25.0.90, and 26.0.12 across multiple product branches. CVSS 9.9 (Critical) with network-based attack vector requiring only low-privileged authentication. No public exploit identified at time of analysis, though the technical details in the GitHub Security Advisory provide sufficient implementation guidance. EPSS data not available, but the combination of authenticated remote access, low complexity, and direct RCE makes this a priority for patching in exposed Group-Office installations.
Remote code execution in OpenSTAManager v2.10.1 and earlier is achievable by chaining an authenticated SQL injection (GHSA-2fr7-cc4f-wh98) with insecure PHP deserialization in the oauth2.php endpoint. The unauthenticated oauth2.php file calls unserialize() on attacker-controlled database content without class restrictions, enabling gadget chain exploitation (Laravel/RCE22) to execute arbitrary system commands as www-data. The attack requires initial admin credentials to inject malicious serialized objects via SQL injection; the deserialization is then triggered by an anonymous GET request. Vendor-released patch available in v2.10.2. No public exploit code or active exploitation (CISA KEV) identified at time of analysis, though the advisory includes a detailed proof-of-concept with working Python exploit scripts.
Deserialization of untrusted data in NVIDIA BioNeMo Framework enables local attackers to execute arbitrary code, cause denial of service, disclose sensitive information, or tamper with data when users open malicious files. CVSS 7.8 (High) reflects local attack vector requiring user interaction. EPSS data not available; no public exploit identified at time of analysis. Affects NVIDIA BioNeMo Framework, a platform for AI-driven drug discovery and biomolecular research.
Insecure deserialization in NVIDIA BioNeMo Framework enables remote code execution when attackers can induce users to process malicious serialized data. This vulnerability (CWE-502) affects the BioNeMo Framework with network-reachable attack surface (AV:N) and low complexity (AC:L), requiring only user interaction (UI:R) but no authentication (PR:N). The CVSS 8.8 rating reflects critical impacts across confidentiality, integrity, and availability. No public exploit identified at time of analysis, though the deserialization vulnerability class is well-understood and commonly exploited. EPSS data not available for this CVE.
Insecure deserialization in WatchGuard Fireware OS enables local code execution as the portald user when combined with a filesystem write primitive. Affects Fireware OS versions 12.1 through 12.11.8 and 2025.1 through 2026.1.2 on platforms supporting Access Portal (excludes T-15/T-35 models). CVSS 8.4 severity reflects high impact but requires prior high-privilege local access and an existing write vulnerability to exploit. No public exploit identified at time of analysis, with EPSS data unavailable for risk probability assessment.
Insecure deserialization in Gigabyte Control Center's Performance Library component allows authenticated local users to escalate privileges to SYSTEM by sending crafted serialized payloads to the EasyTune Engine service. Affecting Gigabyte Performance Library across versions, this CWE-502 flaw enables low-privileged users to gain complete control of the Windows system. EPSS data not available; no public exploit identified at time of analysis, though the local attack vector and low complexity (CVSS:3.1/AV:L/AC:L/PR:L) suggest exploitation is technically straightforward for attackers with initial local access.
Arbitrary Perl code execution in GRID::Machine through version 0.127 occurs when clients connect to remote hosts via RPC over SSH, as the client-side deserializer uses eval() on untrusted data from the remote peer without validation. A compromised or malicious remote host can inject arbitrary Perl code into Dumper-formatted responses that executes silently on the client during RPC calls, while maintaining correct return values to avoid detection. The vulnerability is design-inherent but the trust requirement for remote hosts is not documented, creating a security expectation mismatch for users.
Remote attackers can crash Zebra cryptocurrency nodes (versions <4.3.0) by sending malformed V5 transactions that pass initial deserialization but trigger panics during transaction ID calculation. The vulnerability requires no authentication and can be exploited via a single crafted network message to the P2P port (8233) or through the sendrawtransaction RPC method. No public exploit code has been identified at time of analysis, though the attack mechanism is well-documented in the vendor advisory. EPSS data not available for this CVE.
The serialize-javascript npm library versions prior to 7.0.5 contain a CPU exhaustion denial-of-service vulnerability triggered when processing specially crafted array-like objects with artificially large length properties, causing the serialization process to hang indefinitely and consume 100% CPU. The vulnerability affects npm package serialize-javascript (pkg:npm/serialize-javascript) and impacts applications that serialize untrusted or user-controlled objects, particularly those also vulnerable to prototype pollution or YAML deserialization attacks that could inject malicious payloads. No public exploit code has been identified, but the attack vector is network-accessible with high complexity, posing a moderate real-world threat in supply-chain and backend service contexts.
Prototype pollution in the locutus npm package's unserialize() function allows remote attackers to inject arbitrary properties into deserialized objects by crafting malicious PHP-serialized payloads containing __proto__ keys, enabling authorization bypass, property propagation attacks, and denial of service via method override. The vulnerability affects locutus versions prior to 3.0.25; publicly available exploit code exists demonstrating property injection, for-in propagation to real own properties, and built-in method disruption.
Remote Code Execution and Arbitrary File Read in Metabase Enterprise Edition allows authenticated administrators to execute arbitrary code and read sensitive files via malicious serialization archives. Affected versions span at least 1.47 through 1.59.3, with patches released in versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4. The vulnerability exploits the POST /api/ee/serialization/import endpoint by injecting INIT properties into H2 JDBC specifications within crafted serialization archives, triggering arbitrary SQL execution during database synchronization. Authentication as an admin is required (CVSS PR:H), and the vulnerability has been confirmed exploitable on Metabase Cloud infrastructure.
Remote code execution is possible in DataDog's dd-trace-java agent versions prior to 1.60.3 when running on JDK 16 or earlier with exposed JMX/RMI ports. The vulnerability stems from unsafe deserialization in the RMI instrumentation's custom endpoint, allowing network-accessible attackers to execute arbitrary code if gadget-chain libraries exist on the classpath. Vendor-released patch: version 1.60.3. No public exploit identified at time of analysis, though the issue was responsibly disclosed through DataDog's bug bounty program by Mohamed Amine ait Ouchebou.
A deserialization vulnerability exists in the wvp-GB28181-pro project (a video streaming platform using GB28181 protocol) through version 2.7.4, specifically in the GenericFastJsonRedisSerializer implementation within the Redis configuration. The flaw allows unauthenticated remote attackers to exploit insecure deserialization through the API endpoint, potentially achieving code execution or data manipulation with low complexity. A public proof-of-concept exploit has been released on GitHub, significantly increasing the risk of active exploitation, and the vendor has not responded to disclosure attempts.
The Frontend Admin by DynamiApps plugin for WordPress contains a PHP Object Injection vulnerability affecting all versions up to and including 3.28.31. Authenticated attackers with Editor-level privileges or higher can exploit unsafe deserialization of the 'post_content' field in admin_form posts to inject malicious PHP objects and achieve remote code execution through available POP chains. This represents a critical risk for WordPress sites using this plugin with elevated user accounts.
Saloon PHP library versions prior to 4.0.0 contain a PHP object injection vulnerability in the AccessTokenAuthenticator::unserialize() method, which unsafely deserializes OAuth token state using unserialize() with allowed_classes set to true. An attacker who can control the serialized token string, such as by overwriting a cached token file or injecting malicious data, can supply a crafted serialized gadget object that executes arbitrary code through PHP magic methods during deserialization. In environments with common dependencies like Monolog present, this vulnerability can be reliably chained to achieve remote code execution (RCE), making it a critical threat to any API integration or SDK built on vulnerable Saloon versions.
A deserialization vulnerability in OpenTelemetry Java instrumentation versions prior to 2.26.1 allows remote code execution when the RMI instrumentation endpoint processes untrusted data without serialization filters. The vulnerability affects applications using the OpenTelemetry Java agent with network-reachable RMI/JMX endpoints and gadget-chain-compatible libraries on the classpath. This was responsibly disclosed in coordination with Datadog, and a patch is available in version 2.26.1.
A deserialization of untrusted data vulnerability in the JS Archive List jQuery widget (jquery-archive-list-widget) versions up to 6.1.7 allows remote attackers to inject malicious objects and achieve code execution or information disclosure. The vulnerability affects WordPress installations using the vulnerable plugin versions, and exploitation requires sending crafted serialized PHP objects to the affected endpoint. No CVSS vector or EPSS score has been assigned, and KEV status is unknown, though the vulnerability was reported by Patchstack security researchers.
A PHP object injection vulnerability exists in the Edge-Themes Pelicula video production and movie theme due to insecure deserialization of untrusted data, classified as CWE-502. The vulnerability affects Pelicula versions prior to 1.10, allowing attackers to inject arbitrary objects and potentially achieve remote code execution or other malicious outcomes. No CVSS score or EPSS data has been published, and no confirmed KEV or active exploitation in the wild has been reported, but the nature of object injection vulnerabilities typically enables high-impact attacks when paired with accessible gadget chains in the WordPress ecosystem.
A deserialization of untrusted data vulnerability exists in Mikado-Themes Stål (a WordPress theme) that allows arbitrary object injection through unsafe unserialize() operations. Versions prior to 1.7 are affected. An attacker can exploit this to instantiate arbitrary PHP objects, potentially leading to remote code execution, data exfiltration, or site compromise depending on available gadget chains in the WordPress environment.
A deserialization of untrusted data vulnerability exists in Edge-Themes Kamperen WordPress theme versions prior to 1.3, allowing attackers to perform arbitrary object instantiation through object injection attacks. This CWE-502 vulnerability enables remote code execution or information disclosure without requiring authentication in many scenarios. While no CVSS score is currently published and KEV/EPSS data are unavailable, the vulnerability has been reported by Patchstack and affects all installations of the Kamperen theme below version 1.3.
A deserialization of untrusted data vulnerability exists in Edge-Themes Gracey WordPress theme versions prior to 1.4, allowing attackers to perform arbitrary object instantiation through object injection attacks. This CWE-502 vulnerability affects all installations of Gracey below version 1.4 and could enable remote code execution or other malicious actions depending on available gadget chains in the WordPress environment. No CVSS score, EPSS risk metric, or KEV status has been publicly assigned, but the vulnerability is documented by Patchstack with a patch available in version 1.4.
A deserialization of untrusted data vulnerability (CWE-502) in the Mikado-Themes Halstein WordPress theme (versions prior to 1.8) allows arbitrary object injection. An attacker can exploit this flaw to instantiate arbitrary PHP objects, potentially leading to remote code execution or information disclosure depending on available gadget chains. The vulnerability was reported by Patchstack and affects all versions of Halstein below 1.8; no CVSS score, EPSS data, or KEV status is currently published, which limits immediate risk quantification, but this is a serious deserialization flaw that should be patched urgently.
A deserialization of untrusted data vulnerability exists in Elated-Themes Leroux WordPress theme versions prior to 1.4, allowing unauthenticated attackers to perform arbitrary object instantiation through object injection attacks. An attacker can exploit this vulnerability to instantiate arbitrary PHP objects, potentially leading to remote code execution or information disclosure depending on available gadget chains in the WordPress environment. While no CVSS score or active KEV status is currently available, the vulnerability has been documented by Patchstack and assigned ENISA EUVD ID EUVD-2026-15861, indicating it is a recognized threat affecting WordPress installations using the vulnerable Leroux theme.
A deserialization of untrusted data vulnerability exists in Edge-Themes Archicon WordPress theme versions prior to 1.7, allowing attackers to perform arbitrary object instantiation through object injection attacks. This vulnerability, tracked as CWE-502, enables attackers to instantiate arbitrary PHP objects during the deserialization process, potentially leading to remote code execution or other malicious outcomes depending on available gadget chains in the WordPress environment. The vulnerability was reported by Patchstack and affects all versions of Archicon below 1.7, with a patch available in version 1.7 and later.
A deserialization of untrusted data vulnerability exists in Select-Themes Borgholm marketing agency theme (WordPress) that allows object injection attacks. The vulnerability affects Borgholm versions prior to 1.6, and attackers can exploit this to inject malicious PHP objects that execute arbitrary code within the WordPress environment. While no CVSS score or EPSS data is currently available, the CWE-502 classification indicates this is a critical deserialization flaw with high exploitation potential; no active KEV or public POC status is documented, but the vulnerability was reported through Patchstack with full advisory details available.
A PHP object injection vulnerability exists in BoldGrid weForms plugin through version 1.6.26 due to unsafe deserialization of untrusted data, allowing attackers to instantiate arbitrary objects and potentially execute remote code or manipulate application state. This affects WordPress installations using the vulnerable weForms plugin versions, and, based on the described deserialization attack vector, exploitation requires no authentication. While no CVSS score or EPSS data is currently available, the CWE-502 classification and object injection capability represent a critical-severity issue typical of deserialization flaws that often lead to remote code execution.
A deserialization of untrusted data vulnerability (CWE-502) exists in the magepeopleteam Bus Ticket Booking with Seat Reservation WordPress plugin through version 5.6.0, allowing object injection attacks. An attacker can inject malicious serialized PHP objects into the application, potentially leading to remote code execution or other critical impacts depending on available gadget chains in the WordPress environment. No CVSS score or EPSS data is currently available, and KEV status is unknown, but the vulnerability affects all installations running the vulnerable plugin versions.
A PHP Object Injection vulnerability exists in the ThemeREX Buisson WordPress theme through version 1.1.11, stemming from unsafe deserialization of untrusted data (CWE-502). This flaw allows attackers to inject malicious serialized objects that can lead to arbitrary code execution or other object manipulation attacks depending on available gadget chains in the WordPress environment. While no CVSS score or EPSS data is currently published and the vulnerability has not been listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, the public disclosure via Patchstack indicates active awareness in the security community.
A PHP Object Injection vulnerability exists in the ThemeREX Work & Travel Company WordPress theme through version 1.2, stemming from unsafe deserialization of untrusted data (CWE-502). An attacker can exploit this vulnerability to inject malicious objects into the application, potentially leading to remote code execution or arbitrary object manipulation depending on the gadget chains available in the WordPress environment. No CVSS score, EPSS data, or KEV status is currently available, and the vulnerability was identified and reported by Patchstack, though active exploitation status remains unclear.
A PHP Object Injection vulnerability exists in ThemeREX Love Story WordPress theme through version 1.3.12, stemming from unsafe deserialization of untrusted data. This vulnerability allows attackers to inject malicious serialized objects that can lead to remote code execution or other object-oriented attack chains. The vulnerability is classified as CWE-502 (Deserialization of Untrusted Data) and has been reported by Patchstack; no CVSS score or EPSS data is currently available, and KEV status is unknown.
A PHP object injection vulnerability exists in the sbthemes WooCommerce Infinite Scroll plugin (versions up to and including 1.6.2) due to unsafe deserialization of untrusted data. This vulnerability allows attackers to inject malicious serialized objects, potentially leading to remote code execution or arbitrary object instantiation depending on available gadget chains within the WordPress environment. The vulnerability affects all installations of this plugin through version 1.6.2 and has been documented by Patchstack, though CVSS scoring and exploitation metrics are currently unavailable.
A PHP Object Injection vulnerability exists in the Nexa Blocks WordPress plugin (versions up to and including 1.1.1) due to unsafe deserialization of untrusted data, allowing attackers to instantiate arbitrary PHP objects and potentially achieve remote code execution. The vulnerability is classified as CWE-502 (Deserialization of Untrusted Data) and affects all installations of the affected plugin versions. While no CVSS score or EPSS data are currently available, the nature of object injection vulnerabilities combined with PHP's magic methods provides significant exploitation potential for code execution or privilege escalation.
Apicona, a WordPress theme by thememount, contains a PHP object injection vulnerability stemming from unsafe deserialization of untrusted data (CWE-502). All versions through 24.1.0 are affected. An attacker can exploit this to inject arbitrary objects into the application, potentially leading to remote code execution or other malicious object manipulation depending on available gadget chains within the PHP environment.
A deserialization of untrusted data vulnerability exists in the Rascals Vex theme (CWE-502) that allows attackers to perform PHP object injection attacks. The vulnerability affects Vex versions prior to 1.2.9, as confirmed by Patchstack reporting and ENISA EUVD-2026-15684. An attacker exploiting this flaw can inject malicious serialized objects to achieve arbitrary code execution or other malicious outcomes depending on available PHP magic methods in the application environment.
A deserialization of untrusted data vulnerability exists in Pendulum (a PHP datetime library) versions prior to 3.1.5, allowing attackers to perform object injection attacks. The vulnerability affects the rascals Pendulum library through unvalidated deserialization of user-supplied data. An attacker can exploit this to instantiate arbitrary PHP objects, potentially leading to remote code execution or other malicious outcomes depending on the application's gadget chain availability.
A PHP Object Injection vulnerability exists in the Rascals Meloo WordPress theme due to unsafe deserialization of untrusted data, classified under CWE-502 (Deserialization of Untrusted Data). This vulnerability affects Meloo versions prior to 2.8.2 and allows attackers to inject malicious objects that could lead to remote code execution or other security compromises. While no CVSS score, EPSS probability, or KEV status has been publicly assigned, the vulnerability was reported by Patchstack and has been assigned ENISA EUVD tracking ID EUVD-2026-15679, indicating active monitoring by European vulnerability databases.
A deserialization of untrusted data vulnerability exists in the park_of_ideas Ricky theme (all versions prior to 2.31) that allows object injection attacks. An attacker can inject malicious serialized PHP objects to achieve arbitrary code execution or data manipulation. While no CVSS score or EPSS data is currently available and KEV status is unknown, the CWE-502 classification indicates a critical deserialization flaw that typically requires network access but no authentication.
A PHP Object Injection vulnerability exists in the Tasty Daily WordPress theme (park_of_ideas) through version 1.27, caused by unsafe deserialization of untrusted data (CWE-502). This vulnerability allows attackers to inject arbitrary PHP objects, potentially leading to remote code execution or other malicious actions depending on available gadget chains in the WordPress environment. While no CVSS score or EPSS data is currently published, the vulnerability affects an active WordPress theme distribution and has been documented by Patchstack security researchers.
A PHP Object Injection vulnerability exists in the park_of_ideas Goldish theme due to insecure deserialization of untrusted data, allowing attackers to inject arbitrary objects and potentially achieve remote code execution or other malicious outcomes. The vulnerability affects Goldish versions prior to 3.47. While no CVSS score or EPSS data is publicly available, the CWE-502 classification indicates a serious deserialization flaw that could be exploited if untrusted data is processed without validation.
A deserialization of untrusted data vulnerability exists in the park_of_ideas KIDZ theme that permits object injection attacks. All versions of KIDZ through 5.24 are affected, as confirmed via CPE cpe:2.3:a:park_of_ideas:kidz:*:*:*:*:*:*:*:*. An attacker can inject malicious serialized PHP objects to achieve arbitrary code execution or other unintended actions on affected WordPress installations running this theme.
A PHP object injection vulnerability exists in FantasticPlugins SUMO Affiliates Pro due to unsafe deserialization of untrusted data (CWE-502). This allows attackers to inject malicious serialized objects, potentially achieving remote code execution or other arbitrary actions depending on available gadget chains in the WordPress environment. All versions before 11.4.0 are affected, and a patch has been made available by the vendor.
A PHP Object Injection vulnerability exists in NooTheme Visionary Core plugin versions up to and including 1.4.9, stemming from unsafe deserialization of untrusted data. An attacker can inject malicious serialized objects to achieve arbitrary code execution or other critical impacts depending on available magic methods in the WordPress environment. No CVSS score, EPSS data, or KEV confirmation is currently available; however, the vulnerability is documented by Patchstack and assigned ENISA EUVD ID EUVD-2026-15602.
A PHP Object Injection vulnerability exists in NooTheme Jobica Core plugin through version 1.4.1, stemming from unsafe deserialization of untrusted data. This affects WordPress installations using the vulnerable Jobica Core plugin, allowing attackers to inject malicious serialized objects that can lead to arbitrary code execution or information disclosure depending on available gadget chains. The vulnerability has been identified by Patchstack but lacks public CVSS scoring and KEV confirmation at this time.
A PHP Object Injection vulnerability exists in NooTheme's Organici Library plugin through version 2.1.2, stemming from unsafe deserialization of untrusted data. This vulnerability allows attackers to inject arbitrary PHP objects into the application, potentially leading to remote code execution or other malicious actions depending on available gadget chains in the WordPress environment. No active exploitation in the wild (KEV status) or published proof-of-concept has been confirmed from available sources, but the vulnerability was reported by Patchstack and assigned EUVD-2026-15592, indicating it is tracked in official vulnerability databases.
A PHP Object Injection vulnerability exists in NooTheme CitiLights WordPress theme through version 3.7.1, stemming from unsafe deserialization of untrusted data (CWE-502). This allows attackers to inject arbitrary PHP objects, potentially leading to remote code execution or other malicious operations depending on available gadget chains in the WordPress environment. The vulnerability was reported by Patchstack and affects all versions up to and including 3.7.1; no CVSS score, EPSS data, or KEV status is currently available, though the nature of object injection vulnerabilities typically permits unauthenticated exploitation.
This is a PHP Object Injection vulnerability in the Metagauss EventPrime WordPress plugin (eventprime-event-calendar-management) caused by unsafe deserialization of untrusted data. All versions up to and including 4.2.8.0 are affected, allowing attackers to inject malicious serialized objects that can lead to remote code execution or arbitrary actions depending on available PHP gadget chains. The vulnerability has been publicly disclosed and documented by Patchstack; exploitation likelihood and real-world impact depend on the presence of exploitable gadget chains in the target WordPress environment.
A PHP object injection vulnerability exists in the xtemos WoodMart WordPress theme through version 8.3.8, stemming from insecure deserialization of untrusted data. This vulnerability allows attackers to inject malicious serialized objects that can be instantiated during deserialization, potentially leading to remote code execution or other malicious actions depending on available gadget chains in the WordPress environment. The vulnerability affects all versions of WoodMart up to and including 8.3.8, with no CVSS score or EPSS data currently published, though the underlying deserialization flaw (CWE-502) is a known vector for critical remote exploitation.
AncoraThemes Melody melodyschool theme versions up to 1.6.3 contain a PHP object injection vulnerability stemming from unsafe deserialization of untrusted data (CWE-502). This flaw allows attackers to inject malicious serialized objects that can lead to arbitrary code execution or other critical impacts depending on available PHP gadget chains in the WordPress environment. While no CVSS score or EPSS data is currently published and KEV status is unknown, the vulnerability affects a WordPress theme and is documented in the Patchstack vulnerability database, indicating active tracking by the security community.
A PHP Object Injection vulnerability exists in AncoraThemes Beelove WordPress theme through version 1.2.6, allowing attackers to inject and deserialize untrusted objects. This insecure deserialization flaw (CWE-502) enables object injection attacks that could lead to remote code execution or other malicious actions depending on available gadget chains in the WordPress environment. No CVSS score, EPSS data, or KEV confirmation is currently available; however, the vulnerability has been documented by Patchstack and assigned ENISA EUVD ID EUVD-2026-15515, indicating it is tracked in official vulnerability databases.
A PHP object injection vulnerability exists in AncoraThemes Morning Records WordPress theme through version 1.2, arising from unsafe deserialization of untrusted data (CWE-502). This flaw allows attackers to inject malicious objects that can lead to arbitrary code execution or other severe impacts depending on available PHP gadget chains in the WordPress environment. While no CVSS score or EPSS data is currently published, the vulnerability has been documented by Patchstack security researchers, indicating active awareness in the security community.
A PHP object injection vulnerability exists in the Axiom Themes m2 | Construction and Tools Store theme through version 1.1.2, stemming from unsafe deserialization of untrusted data (CWE-502). This allows remote attackers to inject malicious serialized objects that can lead to arbitrary code execution or privilege escalation depending on available gadget chains in the WordPress environment. No CVSS score, EPSS data, or KEV status is currently available, but the vulnerability was reported by Patchstack and affects all installations running the vulnerable theme version.
The WebToffee Product Feed for WooCommerce plugin contains a PHP object injection vulnerability stemming from insecure deserialization of untrusted data (CWE-502), affecting versions up to and including 2.3.3. An attacker can exploit this vulnerability to inject arbitrary objects into the application, potentially leading to remote code execution or data manipulation depending on available gadget chains in the WordPress/PHP environment. No CVSS score or EPSS data is currently published, and active exploitation status is unknown, but the vulnerability has been documented by Patchstack and assigned an ENISA EUVD ID (EUVD-2026-15487), indicating coordinated disclosure tracking.
NVIDIA NeMo Framework contains an insecure deserialization vulnerability (CWE-502) that allows authenticated local attackers to execute arbitrary code. The vulnerability affects NVIDIA NeMo Framework installations and can lead to code execution, privilege escalation, information disclosure, and data tampering. According to CISA's SSVC framework, there is currently no evidence of active exploitation in the wild, and the attack is not automatable, though technical impact is rated as total.
NVIDIA NeMo Framework contains a remote code execution vulnerability in its checkpoint loading mechanism caused by insecure deserialization (CWE-502). Attackers with local access and low privileges can exploit this to achieve code execution, privilege escalation, information disclosure, and data tampering with high impact on confidentiality, integrity, and availability. According to the SSVC framework, there is currently no observed exploitation in the wild, though the technical impact is rated as total.
NVIDIA Model Optimizer for Windows and Linux contains an unsafe deserialization vulnerability in its ONNX quantization feature that allows attackers to execute arbitrary code by providing a malicious input file. Users who process untrusted ONNX model files are at risk of complete system compromise, including code execution, privilege escalation, data tampering, and information disclosure. There is no current evidence of active exploitation (not in CISA KEV) or public proof-of-concept availability.
NVIDIA APEX for Linux contains a deserialization of untrusted data vulnerability that affects environments using PyTorch versions earlier than 2.6. An attacker with low privileges on an adjacent network can exploit this flaw to achieve code execution, denial of service, privilege escalation, data tampering, and information disclosure with scope change (CVSS 9.0 Critical). No KEV listing or public POC availability has been reported at this time.
NVIDIA Megatron-LM contains an unsafe deserialization vulnerability (CWE-502) in its checkpoint loading mechanism that allows remote code execution when a user loads a maliciously crafted checkpoint file. The vulnerability affects NVIDIA Megatron-LM installations and can lead to code execution, privilege escalation, information disclosure, and data tampering with a CVSS score of 7.8. The attack requires local access and low privileges but no user interaction once the malicious file is loaded.
NVIDIA Megatron-LM contains an insecure deserialization vulnerability (CWE-502) during model inferencing that allows remote code execution when a user loads a maliciously crafted input file. This vulnerability has a CVSS score of 7.8 and requires local access with low privileges but no user interaction, enabling attackers to execute arbitrary code, escalate privileges, disclose sensitive information, and tamper with data. The vulnerability affects NVIDIA's large language model training framework widely used in AI research and production environments.
NVIDIA Megatron-LM contains an unsafe deserialization vulnerability (CWE-502) in its checkpoint loading functionality that allows remote code execution when a user is tricked into loading a maliciously crafted checkpoint file. The vulnerability affects NVIDIA Megatron-LM installations and can lead to code execution, privilege escalation, information disclosure, and data tampering with a CVSS score of 7.8. There is no current indication of active exploitation in CISA's KEV catalog, and EPSS data was not provided in the intelligence sources.
NVIDIA Megatron-LM contains a critical unsafe deserialization vulnerability (CWE-502) in its hybrid conversion script that allows remote code execution when a user loads a maliciously crafted file. The vulnerability affects NVIDIA Megatron-LM installations and enables attackers to execute arbitrary code, escalate privileges, disclose sensitive information, and tamper with data. With a CVSS score of 7.8 and local attack vector requiring low privileges and no user interaction, this represents a significant risk for organizations using this large language model training framework.
NVIDIA Megatron LM contains an insecure deserialization vulnerability (CWE-502) in its quantization configuration loading mechanism that enables remote code execution. Attackers with local access and low privileges can exploit this flaw to execute arbitrary code, escalate privileges, disclose sensitive information, and tamper with data. The vulnerability has a CVSS score of 7.8 and affects all versions of NVIDIA Megatron LM based on available CPE data.
A deserialization of untrusted data vulnerability exists in DTStack chunjun versions prior to 1.16.1, specifically in the GsonUtil.java module within chunjun-core. An attacker can exploit this CWE-502 flaw to execute arbitrary code by crafting malicious serialized objects that are processed during deserialization. The vulnerability is reportedly patched as of version 1.16.1, with a patch available from the vendor via GitHub pull request #1939.
A critical remote code execution vulnerability exists in PTC Windchill PDMLink and PTC FlexPLM products due to unsafe deserialization of untrusted data, allowing unauthenticated attackers to execute arbitrary code on affected systems. The vulnerability affects multiple versions of both products spanning from version 11.0 through 13.1.3.0 for Windchill and 11.0 through 13.0.3.0 for FlexPLM. An attacker can craft malicious serialized objects that, when deserialized by the vulnerable application, trigger code execution with the privileges of the Windchill or FlexPLM service account.
A deserialization vulnerability exists in PyTorch 2.10.0 within the pt2 Loading Handler component, allowing local attackers with low privileges to achieve confidentiality, integrity, and availability impacts through untrusted data processing. The vulnerability (CWE-502) is confirmed to have a publicly available exploit and has been reported to the project via pull request PR#176791, though remediation status remains unclear. With a CVSS score of 5.3 and exploitation probability marked as probable (E:P), this represents a moderate real-world risk primarily affecting local development and deployment environments.
This is a deserialization of untrusted data vulnerability (PHP Object Injection) in the TotalContest Lite WordPress plugin that allows authenticated attackers with high-level privileges to inject arbitrary PHP objects. The vulnerability affects all versions through 2.9.1 of the TotalContest Lite plugin from TotalSuite. With a CVSS score of 7.2, successful exploitation can lead to high impact on confidentiality, integrity, and availability of the affected system.
Unsafe deserialization in SuiteCRM versions up to 8.9.2 allows authenticated administrators to execute arbitrary system commands on the server through the SavedSearch filter processing component. The vulnerability stems from improper handling of unserialized data in the FilterDefinitionProvider.php file, which fails to restrict instantiable classes when processing user-controlled input from the database. SuiteCRM 8.9.3 and later versions contain the fix.
Heap buffer overflow in wolfSSL's session deserialization function allows local attackers with low privileges to corrupt heap memory by crafting malicious session data with invalid certificate lengths. The vulnerability affects systems with SESSION_CERTS enabled that load external session data, requiring user interaction or specific configuration to exploit. No patch is currently available.
A critical validation bypass vulnerability in the ormar Python ORM library allows attackers to completely skip all Pydantic field validation by injecting a special '__pk_only__' parameter in JSON request bodies. This affects all applications using ormar's canonical FastAPI integration pattern (where ormar models are used directly as request body parameters), enabling attackers to persist invalid data, bypass security constraints, and potentially escalate privileges. A working proof-of-concept demonstrates the vulnerability is trivially exploitable, and with a CVSS score of 7.1, it poses significant risk to affected applications.
BMC FootPrints ITSM contains a critical deserialization vulnerability in ASP.NET VIEWSTATE handling that allows authenticated attackers to execute arbitrary code remotely. Versions 20.20.02 through 20.24.01.001 are affected, and attackers with valid credentials can fully compromise the application by injecting malicious serialized objects. Security researchers from watchTowr have published detailed analysis of this vulnerability, significantly increasing exploitation risk.
WishList Member X, a WordPress membership plugin, contains a deserialization of untrusted data vulnerability that allows authenticated attackers with low-level privileges to perform PHP object injection attacks. This affects all versions up to and including 3.29.0. The vulnerability has a CVSS score of 8.8, indicating high severity with potential for complete compromise of confidentiality, integrity, and availability. There is no indication of active exploitation in KEV data, but the vulnerability has been publicly disclosed by Patchstack.
A deserialization of untrusted data vulnerability in the Themeton Finag WordPress theme allows remote attackers to inject malicious PHP objects without authentication. This affects all versions of Finag through 1.5.0. The vulnerability carries a critical CVSS score of 9.8 due to network-based exploitation requiring no privileges or user interaction, enabling attackers to achieve complete compromise of confidentiality, integrity, and availability.
A critical PHP object injection vulnerability exists in the Zuut WordPress theme due to insecure deserialization of untrusted data. The vulnerability affects all versions of Zuut through 1.4.2 and allows unauthenticated remote attackers to execute arbitrary PHP code, potentially leading to complete site compromise. With a CVSS score of 9.8, this vulnerability requires no privileges or user interaction and can be exploited over the network with low complexity.
The ColorFolio Freelance Designer WordPress Theme versions up to 1.3 contains a deserialization of untrusted data vulnerability that allows attackers to perform PHP Object Injection. This enables remote unauthenticated attackers to execute arbitrary code or manipulate application logic, though exploitation requires high attack complexity. There is no evidence of active exploitation (not in CISA KEV), and EPSS score data is not provided, but the vulnerability has been publicly disclosed by Patchstack.
OmniGen2-RL reward server component contains an unauthenticated remote code execution vulnerability allowing attackers to execute arbitrary commands through malicious HTTP POST requests exploiting insecure pickle deserialization. The vulnerability affects Beijing Academy of Artificial Intelligence (BAAI)'s OmniGen2-RL software with a critical CVSS score of 9.8. A public proof-of-concept exploit is available and a patch has been released by the vendor, making this an immediate priority for organizations running exposed instances.
Memory exhaustion in Python's pickle deserialization allows attackers to crash applications by supplying a small malicious payload that forces allocation of gigabytes of memory through unrestricted constructor arguments in whitelisted classes. Applications using `_RestrictedUnpickler` to load untrusted pickle data are vulnerable to denial of service attacks. A patch is available.
Arbitrary code execution in Red Hat Quay via unsafe deserialization during resumable container image uploads affects multiple Quay 3.x deployments and Mirror Registry instances. An authenticated attacker with low privileges can tamper with intermediate upload data stored in the database to execute code on the Quay server, though exploitation requires high attack complexity and user interaction (CVSS 7.1). EPSS data not available; no public exploit identified at time of analysis, but the deserialization vulnerability class (CWE-502) is well-understood and frequently targeted.
PHP object injection in Everest Forms for WordPress (all versions ≤3.4.3) allows unauthenticated remote attackers to achieve critical system compromise. Attackers submit malicious serialized payloads through any public form field, which persist through sanitization into the wp_evf_entrymeta database table. When administrators view form entries, unsafe unserialize() without class restrictions processes the payload, enabling arbitrary code execution. CVSS 9.8 (Critical) reflects network-accessible attack requiring no authentication or user interaction. No active exploitation confirmed (not in CISA KEV); EPSS data not provided. Vendor-released patch available in version 3.4.4.
Remote code execution in IBM Langflow Desktop versions 1.6.0 through 1.8.2 allows authenticated attackers to execute arbitrary code via unsafe deserialization in the FAISS component. The vulnerability stems from an insecure default configuration that permits deserialization of untrusted data. With CVSS 8.8 (High) reflecting network accessibility, low complexity, and full impact on confidentiality, integrity, and availability, this represents a critical risk for organizations running affected versions. Vendor-released patch available through IBM security advisory. No public exploit identified at time of analysis, though the attack path is well-understood given the CWE-502 deserialization vulnerability class.
Arbitrary code execution in NVIDIA DALI (all versions prior to 2.0) allows local authenticated attackers with low privileges to execute malicious code by exploiting insecure deserialization of untrusted data, requiring user interaction. EPSS exploitation probability and KEV status data not available; no public exploit identified at time of analysis. The vulnerability affects NVIDIA's Data Loading Library, a critical component in AI/ML data preprocessing pipelines.
Remote code execution in OpenIdentityPlatform OpenAM 16.0.5 and earlier allows unauthenticated attackers to execute arbitrary OS commands via unsafe Java deserialization of the jato.clientSession HTTP parameter. This bypass exploits an unpatched deserialization sink in JATO's ClientSession.deserializeAttributes() that was overlooked when CVE-2021-35464 was mitigated. Attackers can target any JATO ViewBean endpoint with <jato:form> tags (commonly found in password reset pages) using a PriorityQueue→TemplatesImpl gadget chain with libraries bundled in OpenAM's WAR file. Vendor-released patch available in version 16.0.6 (GitHub commit 014007c). No public exploit code identified at time of analysis, but detailed technical writeup with gadget chain specifics has been published.
Buffer use-after-free in Apache Kafka Java producer client (versions ≤3.9.1, ≤4.0.1, ≤4.1.1) can silently route messages to incorrect topics when batch expiration races with in-flight network requests. CVSS 8.7 (High) with network-accessible attack vector and high complexity. CISA SSVC indicates no active exploitation, non-automatable attack, and partial technical impact. No public exploit identified at time of analysis. EPSS data not provided, but the combination of high CVSS, cross-scope impact (S:C), and dual confidentiality/integrity impact warrants prioritization for environments processing sensitive message streams.
Unsafe deserialization in pytries datrie through version 0.8.3 enables remote code execution when loading untrusted trie files via Trie.load(), Trie.read(), or Trie.__setstate__(). Unauthenticated remote attackers can exploit this vulnerability by crafting malicious serialized trie objects; publicly available exploit code exists, and the maintainers have not yet addressed the issue despite early notification.
Unsafe deserialization in FedML-AI FedML's gRPC server allows unauthenticated remote attackers to achieve confidentiality, integrity, and availability compromise through malicious payloads sent to the sendMessage function in versions up to 0.8.9. EPSS data not available; no CISA KEV listing indicates no confirmed active exploitation at time of analysis. Vendor unresponsive to coordinated disclosure attempts, raising concerns about patch availability and ongoing risk for production deployments of this federated machine learning framework.
Arbitrary code execution in pyload-ng via pickle deserialization allows non-admin users with SETTINGS and ADD permissions to write malicious session files and trigger unauthenticated RCE. Attackers redirect the download directory to Flask's session store (/tmp/pyLoad/flask), plant a crafted pickle payload as a predictable session filename, then trigger deserialization by sending any HTTP request with the corresponding session cookie. This bypasses CVE-2026-33509 fix controls because storage_folder was not added to ADMIN_ONLY_OPTIONS. No public exploit identified at time of analysis, though detailed proof-of-concept methodology is documented in the advisory. EPSS data not available for this recent CVE.
Unsafe deserialization in NASA cFS Pickle Module (versions up to 7.0.0) allows authenticated local attackers with low privileges to trigger remote code execution or information disclosure through the pickle.load() function. The vulnerability requires high attack complexity and local access, limiting its practical exploitation scope. Public exploit code is available, but the issue remains unpatched as of the last vendor update.
Unsafe deserialization in Roundcube Webmail's Redis/Memcache session handler allows unauthenticated remote attackers to write arbitrary files by crafting malicious session data. Affected versions include all 1.6.x before 1.6.14 and all 1.5.x before 1.5.14. While the CVSS score of 3.7 is low and attack complexity is high, the integrity impact (arbitrary file write) poses a real risk to instances using Redis or Memcache for session storage.
Remote Code Execution in Group-Office enterprise CRM via insecure deserialization allows authenticated attackers to write arbitrary files and execute code on the server. Affects all versions prior to 6.8.156, 25.0.90, and 26.0.12 across multiple product branches. CVSS 9.9 (Critical) with network-based attack vector requiring only low-privileged authentication. No public exploit identified at time of analysis, though the technical details in the GitHub Security Advisory provide sufficient implementation guidance. EPSS data not available, but the combination of authenticated remote access, low complexity, and direct RCE makes this a priority for patching in exposed Group-Office installations.
Remote code execution in OpenSTAManager v2.10.1 and earlier allows authenticated attackers to achieve unauthenticated RCE via chained exploitation of arbitrary SQL injection (GHSA-2fr7-cc4f-wh98) and insecure PHP deserialization in the oauth2.php endpoint. The unauthenticated oauth2.php file calls unserialize() on attacker-controlled database content without class restrictions, enabling gadget chain exploitation (Laravel/RCE22) to execute arbitrary system commands as www-data. Attack requires initial admin credentials to inject malicious serialized objects via SQL injection, then triggers via anonymous GET request. Vendor-released patch available in v2.10.2. No public exploit code or active exploitation (CISA KEV) identified at time of analysis, though detailed proof-of-concept included in advisory with working Python exploit scripts.
Deserialization of untrusted data in NVIDIA BioNeMo Framework enables local attackers to execute arbitrary code, cause denial of service, disclose sensitive information, or tamper with data when users open malicious files. CVSS 7.8 (High) reflects local attack vector requiring user interaction. EPSS data not available; no public exploit identified at time of analysis. Affects NVIDIA BioNeMo Framework, a platform for AI-driven drug discovery and biomolecular research.
Insecure deserialization in NVIDIA BioNeMo Framework enables remote code execution when attackers can induce users to process malicious serialized data. This vulnerability (CWE-502) affects the BioNeMo Framework with network-reachable attack surface (AV:N) and low complexity (AC:L), requiring only user interaction (UI:R) but no authentication (PR:N). The CVSS 8.8 rating reflects critical impacts across confidentiality, integrity, and availability. No public exploit identified at time of analysis, though the deserialization vulnerability class is well-understood and commonly exploited. EPSS data not available for this CVE.
Insecure deserialization in WatchGuard Fireware OS enables local code execution as the portald user when combined with a filesystem write primitive. Affects Fireware OS versions 12.1 through 12.11.8 and 2025.1 through 2026.1.2 on platforms supporting Access Portal (excludes T-15/T-35 models). CVSS 8.4 severity reflects high impact but requires prior high-privilege local access and an existing write vulnerability to exploit. No public exploit identified at time of analysis, with EPSS data unavailable for risk probability assessment.
Insecure deserialization in Gigabyte Control Center's Performance Library component allows authenticated local users to escalate privileges to SYSTEM by sending crafted serialized payloads to the EasyTune Engine service. Affecting Gigabyte Performance Library across versions, this CWE-502 flaw enables low-privileged users to gain complete control of the Windows system. EPSS data not available; no public exploit identified at time of analysis, though the local attack vector and low complexity (CVSS:3.1/AV:L/AC:L/PR:L) suggest exploitation is technically straightforward for attackers with initial local access.
Arbitrary Perl code execution in GRID::Machine through version 0.127 occurs when clients connect to remote hosts via RPC over SSH, as the client-side deserializer uses eval() on untrusted data from the remote peer without validation. A compromised or malicious remote host can inject arbitrary Perl code into Dumper-formatted responses that executes silently on the client during RPC calls, while maintaining correct return values to avoid detection. The vulnerability is design-inherent but the trust requirement for remote hosts is not documented, creating a security expectation mismatch for users.
Remote attackers can crash Zebra cryptocurrency nodes (versions <4.3.0) by sending malformed V5 transactions that pass initial deserialization but trigger panics during transaction ID calculation. The vulnerability requires no authentication and can be exploited via a single crafted network message to the P2P port (8233) or through the sendrawtransaction RPC method. No public exploit code has been identified at time of analysis, though the attack mechanism is well-documented in the vendor advisory. EPSS data not available for this CVE.
The serialize-javascript npm library versions prior to 7.0.5 contain a CPU exhaustion denial-of-service vulnerability triggered when processing specially crafted array-like objects with artificially large length properties, causing the serialization process to hang indefinitely and consume 100% CPU. The vulnerability affects npm package serialize-javascript (pkg:npm/serialize-javascript) and impacts applications that serialize untrusted or user-controlled objects, particularly those also vulnerable to prototype pollution or YAML deserialization attacks that could inject malicious payloads. No public exploit code has been identified, but the attack vector is network-accessible with high complexity, posing a moderate real-world threat in supply-chain and backend service contexts.
Prototype pollution in the locutus npm package's unserialize() function allows remote attackers to inject arbitrary properties into deserialized objects by crafting malicious PHP-serialized payloads containing __proto__ keys, enabling authorization bypass, property propagation attacks, and denial of service via method override. The vulnerability affects locutus versions prior to 3.0.25; publicly available exploit code exists demonstrating property injection, for-in propagation to real own properties, and built-in method disruption.
Remote Code Execution and Arbitrary File Read in Metabase Enterprise Edition allows authenticated administrators to execute arbitrary code and read sensitive files via malicious serialization archives. Affected versions span at least 1.47 through 1.59.3, with patches released in versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4. The vulnerability exploits the POST /api/ee/serialization/import endpoint by injecting INIT properties into H2 JDBC specifications within crafted serialization archives, triggering arbitrary SQL execution during database synchronization. Authentication as an admin is required (CVSS PR:H), and the vulnerability has been confirmed exploitable on Metabase Cloud infrastructure.
Remote code execution is possible in Datadog's dd-trace-java agent versions prior to 1.60.3 when running on JDK 16 or earlier with exposed JMX/RMI ports. The vulnerability stems from unsafe deserialization in the RMI instrumentation's custom endpoint, allowing network-accessible attackers to execute arbitrary code if gadget-chain libraries exist on the classpath. Vendor-released patch: version 1.60.3. No public exploit identified at time of analysis, though the issue was responsibly disclosed through Datadog's bug bounty program by Mohamed Amine ait Ouchebou.
A deserialization vulnerability exists in the wvp-GB28181-pro project (a video streaming platform using GB28181 protocol) through version 2.7.4, specifically in the GenericFastJsonRedisSerializer implementation within the Redis configuration. The flaw allows unauthenticated remote attackers to exploit insecure deserialization through the API endpoint, potentially achieving code execution or data manipulation with low complexity. A public proof-of-concept exploit has been released on GitHub, significantly increasing the risk of active exploitation, and the vendor has not responded to disclosure attempts.
The Frontend Admin by DynamiApps plugin for WordPress contains a PHP Object Injection vulnerability affecting all versions up to and including 3.28.31. Authenticated attackers with Editor-level privileges or higher can exploit unsafe deserialization of the 'post_content' field in admin_form posts to inject malicious PHP objects and achieve remote code execution through available POP chains. This represents a critical risk for WordPress sites using this plugin with elevated user accounts.
Saloon PHP library versions prior to 4.0.0 contain a PHP object injection vulnerability in the AccessTokenAuthenticator::unserialize() method, which unsafely deserializes OAuth token state using unserialize() with allowed_classes set to true. An attacker who can control the serialized token string (for example by overwriting a cached token file or injecting malicious data) can supply a crafted serialized gadget object that executes arbitrary code through PHP magic methods during deserialization. In environments with common dependencies like Monolog present, this vulnerability can be reliably chained to achieve remote code execution (RCE), making it a critical threat to any API integration or SDK built on vulnerable Saloon versions.
A deserialization vulnerability in OpenTelemetry Java instrumentation versions prior to 2.26.1 allows remote code execution when the RMI instrumentation endpoint processes untrusted data without serialization filters. The vulnerability affects applications using the OpenTelemetry Java agent with network-reachable RMI/JMX endpoints and gadget-chain-compatible libraries on the classpath. This was responsibly disclosed in coordination with Datadog, and a patch is available in version 2.26.1.
A deserialization of untrusted data vulnerability in the JS Archive List jQuery widget (jquery-archive-list-widget) versions up to 6.1.7 allows remote attackers to inject malicious objects and achieve code execution or information disclosure. The vulnerability affects WordPress installations using the vulnerable plugin versions, and exploitation requires sending crafted serialized PHP objects to the affected endpoint. No CVSS vector or EPSS score has been assigned, and KEV status is unknown, though the vulnerability was reported by Patchstack security researchers.
A PHP object injection vulnerability exists in the Edge-Themes Pelicula video production and movie theme due to insecure deserialization of untrusted data, classified as CWE-502. The vulnerability affects Pelicula versions prior to 1.10, allowing attackers to inject arbitrary objects and potentially achieve remote code execution or other malicious outcomes. No CVSS score or EPSS data has been published, and no confirmed KEV or active exploitation in the wild has been reported, but the nature of object injection vulnerabilities typically enables high-impact attacks when paired with accessible gadget chains in the WordPress ecosystem.
A deserialization of untrusted data vulnerability exists in Mikado-Themes Stål (a WordPress theme) that allows arbitrary object injection through unsafe unserialize() operations. Versions prior to 1.7 are affected. An attacker can exploit this to instantiate arbitrary PHP objects, potentially leading to remote code execution, data exfiltration, or site compromise depending on available gadget chains in the WordPress environment.
A deserialization of untrusted data vulnerability exists in Edge-Themes Kamperen WordPress theme versions prior to 1.3, allowing attackers to perform arbitrary object instantiation through object injection attacks. This CWE-502 vulnerability enables remote code execution or information disclosure without requiring authentication in many scenarios. While no CVSS score is currently published and KEV/EPSS data are unavailable, the vulnerability has been reported by Patchstack and affects all installations of the Kamperen theme below version 1.3.
A deserialization of untrusted data vulnerability exists in Edge-Themes Gracey WordPress theme versions prior to 1.4, allowing attackers to perform arbitrary object instantiation through object injection attacks. This CWE-502 vulnerability affects all installations of Gracey below version 1.4 and could enable remote code execution or other malicious actions depending on available gadget chains in the WordPress environment. No CVSS score, EPSS risk metric, or KEV status has been publicly assigned, but the vulnerability is documented by Patchstack with a patch available in version 1.4.
This is a deserialization of untrusted data vulnerability (CWE-502) in the Mikado-Themes Halstein WordPress theme (versions prior to 1.8) that allows arbitrary object injection. An attacker can exploit this flaw to instantiate arbitrary PHP objects, potentially leading to remote code execution or information disclosure depending on available gadget chains. The vulnerability was reported by Patchstack and affects all versions of Halstein below 1.8; no CVSS score, EPSS data, or KEV status is currently published, limiting immediate risk quantification but indicating this is a serious deserialization flaw that should be patched urgently.
A deserialization of untrusted data vulnerability exists in Elated-Themes Leroux WordPress theme versions prior to 1.4, allowing unauthenticated attackers to perform arbitrary object instantiation through object injection attacks. An attacker can exploit this vulnerability to instantiate arbitrary PHP objects, potentially leading to remote code execution or information disclosure depending on available gadget chains in the WordPress environment. While no CVSS score or active KEV status is currently available, the vulnerability has been documented by Patchstack and assigned ENISA EUVD ID EUVD-2026-15861, indicating it is a recognized threat affecting WordPress installations using the vulnerable Leroux theme.
A deserialization of untrusted data vulnerability exists in Edge-Themes Archicon WordPress theme versions prior to 1.7, allowing attackers to perform arbitrary object instantiation through object injection attacks. This vulnerability, classified as CWE-502, enables attackers to instantiate arbitrary PHP objects during the deserialization process, potentially leading to remote code execution or other malicious outcomes depending on available gadget chains in the WordPress environment. The vulnerability was reported by Patchstack and affects all versions of Archicon below 1.7, with a patch available in version 1.7 and later.
A deserialization of untrusted data vulnerability exists in Select-Themes Borgholm marketing agency theme (WordPress) that allows object injection attacks. The vulnerability affects Borgholm versions prior to 1.6, and attackers can exploit this to inject malicious PHP objects that execute arbitrary code within the WordPress environment. While no CVSS score or EPSS data is currently available, the CWE-502 classification indicates this is a critical deserialization flaw with high exploitation potential; no active KEV or public POC status is documented, but the vulnerability was reported through Patchstack with full advisory details available.
A PHP object injection vulnerability exists in BoldGrid weForms plugin through version 1.6.26 due to unsafe deserialization of untrusted data, allowing attackers to instantiate arbitrary objects and potentially execute remote code or manipulate application state. This affects WordPress installations using the vulnerable weForms plugin versions, and, based on the deserialization attack vector, exploitation requires no authentication. While no CVSS score or EPSS data is currently available, the CWE-502 classification and object injection capability represent a critical-severity issue typical of deserialization flaws that often lead to remote code execution.
A deserialization of untrusted data vulnerability (CWE-502) exists in the magepeopleteam Bus Ticket Booking with Seat Reservation WordPress plugin through version 5.6.0, allowing object injection attacks. An attacker can inject malicious serialized PHP objects into the application, potentially leading to remote code execution or other critical impacts depending on available gadget chains in the WordPress environment. No CVSS score or EPSS data is currently available, and KEV status is unknown, but the vulnerability affects all installations running the vulnerable plugin versions.
A PHP Object Injection vulnerability exists in the ThemeREX Buisson WordPress theme through version 1.1.11, stemming from unsafe deserialization of untrusted data (CWE-502). This flaw allows attackers to inject malicious serialized objects that can lead to arbitrary code execution or other object manipulation attacks depending on available gadget chains in the WordPress environment. While no CVSS score or EPSS data is currently published and the vulnerability has not been listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, the public disclosure via Patchstack indicates active awareness in the security community.
A PHP Object Injection vulnerability exists in the ThemeREX Work & Travel Company WordPress theme through version 1.2, stemming from unsafe deserialization of untrusted data (CWE-502). An attacker can exploit this vulnerability to inject malicious objects into the application, potentially leading to remote code execution or arbitrary object manipulation depending on the gadget chains available in the WordPress environment. No CVSS score, EPSS data, or KEV status is currently available, and the vulnerability was identified and reported by Patchstack, though active exploitation status remains unclear.
A PHP Object Injection vulnerability exists in ThemeREX Love Story WordPress theme through version 1.3.12, stemming from unsafe deserialization of untrusted data. This vulnerability allows attackers to inject malicious serialized objects that can lead to remote code execution or other object-oriented attack chains. The vulnerability is classified as CWE-502 (Deserialization of Untrusted Data) and has been reported by Patchstack; no CVSS score or EPSS data is currently available, and KEV status is unknown.
A PHP object injection vulnerability exists in the sbthemes WooCommerce Infinite Scroll plugin (versions up to and including 1.6.2) due to unsafe deserialization of untrusted data. This vulnerability allows attackers to inject malicious serialized objects, potentially leading to remote code execution or arbitrary object instantiation depending on available gadget chains within the WordPress environment. The vulnerability affects all installations of this plugin through version 1.6.2 and has been documented by Patchstack, though CVSS scoring and exploitation metrics are currently unavailable.
A PHP Object Injection vulnerability exists in the Nexa Blocks WordPress plugin (versions up to and including 1.1.1) due to unsafe deserialization of untrusted data, allowing attackers to instantiate arbitrary PHP objects and potentially achieve remote code execution. The vulnerability is classified as CWE-502 (Deserialization of Untrusted Data) and affects all installations of the affected plugin versions. While no CVSS score or EPSS data are currently available, the nature of object injection vulnerabilities combined with PHP's magic methods provides significant exploitation potential for code execution or privilege escalation.
Apicona, a WordPress theme by thememount, contains a PHP object injection vulnerability stemming from unsafe deserialization of untrusted data (CWE-502). All versions through 24.1.0 are affected. An attacker can exploit this to inject arbitrary objects into the application, potentially leading to remote code execution or other malicious object manipulation depending on available gadget chains within the PHP environment.
A deserialization of untrusted data vulnerability exists in the Rascals Vex theme (CWE-502) that allows attackers to perform PHP object injection attacks. The vulnerability affects Vex versions prior to 1.2.9, as confirmed by Patchstack reporting and ENISA EUVD-2026-15684. An attacker exploiting this flaw can inject malicious serialized objects to achieve arbitrary code execution or other malicious outcomes depending on available PHP magic methods in the application environment.
A deserialization of untrusted data vulnerability exists in Pendulum (a PHP datetime library) versions prior to 3.1.5, allowing attackers to perform object injection attacks. The vulnerability affects the rascals Pendulum library through unvalidated deserialization of user-supplied data. An attacker can exploit this to instantiate arbitrary PHP objects, potentially leading to remote code execution or other malicious outcomes depending on the application's gadget chain availability.
A PHP Object Injection vulnerability exists in the Rascals Meloo WordPress theme due to unsafe deserialization of untrusted data, classified under CWE-502 (Deserialization of Untrusted Data). This vulnerability affects Meloo versions prior to 2.8.2 and allows attackers to inject malicious objects that could lead to remote code execution or other security compromises. While no CVSS score, EPSS probability, or KEV status has been publicly assigned, the vulnerability was reported by Patchstack and has been assigned ENISA EUVD tracking ID EUVD-2026-15679, indicating active monitoring by European vulnerability databases.
A deserialization of untrusted data vulnerability exists in the park_of_ideas Ricky theme (all versions prior to 2.31) that allows object injection attacks. An attacker can inject malicious serialized PHP objects to achieve arbitrary code execution or data manipulation. While no CVSS score or EPSS data is currently available and KEV status is unknown, the CWE-502 classification indicates a critical deserialization flaw that typically requires network access but no authentication.
A PHP Object Injection vulnerability exists in the Tasty Daily WordPress theme (park_of_ideas) through version 1.27, caused by unsafe deserialization of untrusted data (CWE-502). This vulnerability allows attackers to inject arbitrary PHP objects, potentially leading to remote code execution or other malicious actions depending on available gadget chains in the WordPress environment. While no CVSS score or EPSS data is currently published, the vulnerability affects an active WordPress theme distribution and has been documented by Patchstack security researchers.
A PHP Object Injection vulnerability exists in the park_of_ideas Goldish theme due to insecure deserialization of untrusted data, allowing attackers to inject arbitrary objects and potentially achieve remote code execution or other malicious outcomes. The vulnerability affects Goldish versions prior to 3.47. While no CVSS score or EPSS data is publicly available, the CWE-502 classification indicates a serious deserialization flaw that could be exploited if untrusted data is processed without validation.
A deserialization of untrusted data vulnerability exists in the park_of_ideas KIDZ theme that permits object injection attacks. All versions of KIDZ through 5.24 are affected, as confirmed via CPE cpe:2.3:a:park_of_ideas:kidz:*:*:*:*:*:*:*:*. An attacker can inject malicious serialized PHP objects to achieve arbitrary code execution or other unintended actions on affected WordPress installations running this theme.
A PHP object injection vulnerability exists in FantasticPlugins SUMO Affiliates Pro due to unsafe deserialization of untrusted data (CWE-502). This allows attackers to inject malicious serialized objects, potentially achieving remote code execution or other arbitrary actions depending on available gadget chains in the WordPress environment. All versions before 11.4.0 are affected, and a patch has been made available by the vendor.
A PHP Object Injection vulnerability exists in NooTheme Visionary Core plugin versions up to and including 1.4.9, stemming from unsafe deserialization of untrusted data. An attacker can inject malicious serialized objects to achieve arbitrary code execution or other critical impacts depending on available magic methods in the WordPress environment. No CVSS score, EPSS data, or KEV confirmation is currently available; however, the vulnerability is documented by Patchstack and assigned ENISA EUVD ID EUVD-2026-15602.
A PHP Object Injection vulnerability exists in NooTheme Jobica Core plugin through version 1.4.1, stemming from unsafe deserialization of untrusted data. This affects WordPress installations using the vulnerable Jobica Core plugin, allowing attackers to inject malicious serialized objects that can lead to arbitrary code execution or information disclosure depending on available gadget chains. The vulnerability has been identified by Patchstack but lacks public CVSS scoring and KEV confirmation at this time.
A PHP Object Injection vulnerability exists in NooTheme's Organici Library plugin through version 2.1.2, stemming from unsafe deserialization of untrusted data. This vulnerability allows attackers to inject arbitrary PHP objects into the application, potentially leading to remote code execution or other malicious actions depending on available gadget chains in the WordPress environment. No active exploitation in the wild (KEV status) or published proof-of-concept has been confirmed from available sources, but the vulnerability was reported by Patchstack and assigned EUVD-2026-15592, indicating it is tracked in official vulnerability databases.
A PHP Object Injection vulnerability exists in NooTheme CitiLights WordPress theme through version 3.7.1, stemming from unsafe deserialization of untrusted data (CWE-502). This allows attackers to inject arbitrary PHP objects, potentially leading to remote code execution or other malicious operations depending on available gadget chains in the WordPress environment. The vulnerability was reported by Patchstack and affects all versions up to and including 3.7.1; no CVSS score, EPSS data, or KEV status is currently available, though the nature of object injection vulnerabilities typically permits unauthenticated exploitation.
This is a PHP Object Injection vulnerability in the Metagauss EventPrime WordPress plugin (eventprime-event-calendar-management) caused by unsafe deserialization of untrusted data. All versions up to and including 4.2.8.0 are affected, allowing attackers to inject malicious serialized objects that can lead to remote code execution or arbitrary actions depending on available PHP gadget chains. The vulnerability has been publicly disclosed and documented by Patchstack; exploitation likelihood and real-world impact depend on the presence of exploitable gadget chains in the target WordPress environment.
A PHP object injection vulnerability exists in the xtemos WoodMart WordPress theme through version 8.3.8, stemming from insecure deserialization of untrusted data. This vulnerability allows attackers to inject malicious serialized objects that can be instantiated during deserialization, potentially leading to remote code execution or other malicious actions depending on available gadget chains in the WordPress environment. The vulnerability affects all versions of WoodMart up to and including 8.3.8, with no CVSS score or EPSS data currently published, though the underlying deserialization flaw (CWE-502) is a known vector for critical remote exploitation.
AncoraThemes Melody melodyschool theme versions up to 1.6.3 contain a PHP object injection vulnerability stemming from unsafe deserialization of untrusted data (CWE-502). This flaw allows attackers to inject malicious serialized objects that can lead to arbitrary code execution or other critical impacts depending on available PHP gadget chains in the WordPress environment. While no CVSS score or EPSS data is currently published and KEV status is unknown, the vulnerability affects a WordPress theme tracked in the Patchstack vulnerability database, indicating active tracking by the security community.
A PHP Object Injection vulnerability exists in AncoraThemes Beelove WordPress theme through version 1.2.6, allowing attackers to inject and deserialize untrusted objects. This insecure deserialization flaw (CWE-502) enables object injection attacks that could lead to remote code execution or other malicious actions depending on available gadget chains in the WordPress environment. No CVSS score, EPSS data, or KEV confirmation is currently available; however, the vulnerability has been documented by Patchstack and assigned ENISA EUVD ID EUVD-2026-15515, indicating it is tracked in official vulnerability databases.
A PHP object injection vulnerability exists in AncoraThemes Morning Records WordPress theme through version 1.2, arising from unsafe deserialization of untrusted data (CWE-502). This flaw allows attackers to inject malicious objects that can lead to arbitrary code execution or other severe impacts depending on available PHP gadget chains in the WordPress environment. While no CVSS score or EPSS data is currently published, the vulnerability has been documented by Patchstack security researchers, indicating active awareness in the security community.
A PHP object injection vulnerability exists in the Axiom Themes m2 | Construction and Tools Store theme through version 1.1.2, stemming from unsafe deserialization of untrusted data (CWE-502). This allows remote attackers to inject malicious serialized objects that can lead to arbitrary code execution or privilege escalation depending on available gadget chains in the WordPress environment. No CVSS score, EPSS data, or KEV status is currently available, but the vulnerability was reported by Patchstack and affects all installations running the vulnerable theme version.
The WebToffee Product Feed for WooCommerce plugin contains a PHP object injection vulnerability stemming from insecure deserialization of untrusted data (CWE-502), affecting versions up to and including 2.3.3. An attacker can exploit this vulnerability to inject arbitrary objects into the application, potentially leading to remote code execution or data manipulation depending on available gadget chains in the WordPress/PHP environment. No CVSS score or EPSS data is currently published, and active exploitation status is unknown, but the vulnerability has been documented by Patchstack and assigned an ENISA EUVD ID (EUVD-2026-15487), indicating coordinated disclosure tracking.
NVIDIA NeMo Framework contains an insecure deserialization vulnerability (CWE-502) that allows authenticated local attackers to execute arbitrary code. The vulnerability affects NVIDIA NeMo Framework installations and can lead to code execution, privilege escalation, information disclosure, and data tampering. According to CISA's SSVC framework, there is currently no evidence of active exploitation in the wild, and the attack is not automatable, though technical impact is rated as total.
NVIDIA NeMo Framework contains a remote code execution vulnerability in its checkpoint loading mechanism caused by insecure deserialization (CWE-502). Attackers with local access and low privileges can exploit this to achieve code execution, privilege escalation, information disclosure, and data tampering with high impact on confidentiality, integrity, and availability. According to the SSVC framework, there is currently no observed exploitation in the wild, though the technical impact is rated as total.
NVIDIA Model Optimizer for Windows and Linux contains an unsafe deserialization vulnerability in its ONNX quantization feature that allows attackers to execute arbitrary code by providing a malicious input file. Users who process untrusted ONNX model files are at risk of complete system compromise, including code execution, privilege escalation, data tampering, and information disclosure. There is no current evidence of active exploitation (not in CISA KEV) or public proof-of-concept availability.
NVIDIA APEX for Linux contains a deserialization of untrusted data vulnerability that affects environments using PyTorch versions earlier than 2.6. An attacker with low privileges on an adjacent network can exploit this flaw to achieve code execution, denial of service, privilege escalation, data tampering, and information disclosure with scope change (CVSS 9.0 Critical). No KEV listing or public POC availability has been reported at this time.
NVIDIA Megatron-LM contains an unsafe deserialization vulnerability (CWE-502) in its checkpoint loading mechanism that allows remote code execution when a user loads a maliciously crafted checkpoint file. The vulnerability affects NVIDIA Megatron-LM installations and can lead to code execution, privilege escalation, information disclosure, and data tampering with a CVSS score of 7.8. The attack requires local access and low privileges but no user interaction once the malicious file is loaded.
NVIDIA Megatron-LM contains an insecure deserialization vulnerability (CWE-502) during model inferencing that allows remote code execution when a user loads a maliciously crafted input file. This vulnerability has a CVSS score of 7.8 and requires local access with low privileges but no user interaction, enabling attackers to execute arbitrary code, escalate privileges, disclose sensitive information, and tamper with data. The vulnerability affects NVIDIA's large language model training framework widely used in AI research and production environments.
NVIDIA Megatron-LM contains an unsafe deserialization vulnerability (CWE-502) in its checkpoint loading functionality that allows remote code execution when a user is tricked into loading a maliciously crafted checkpoint file. The vulnerability affects NVIDIA Megatron-LM installations and can lead to code execution, privilege escalation, information disclosure, and data tampering with a CVSS score of 7.8. There is no current indication of active exploitation in CISA's KEV catalog, and EPSS data was not provided in the intelligence sources.
NVIDIA Megatron-LM contains a critical unsafe deserialization vulnerability (CWE-502) in its hybrid conversion script that allows remote code execution when a user loads a maliciously crafted file. The vulnerability affects NVIDIA Megatron-LM installations and enables attackers to execute arbitrary code, escalate privileges, disclose sensitive information, and tamper with data. With a CVSS score of 7.8 and local attack vector requiring low privileges and no user interaction, this represents a significant risk for organizations using this large language model training framework.
NVIDIA Megatron-LM contains an insecure deserialization vulnerability (CWE-502) in its quantization configuration loading mechanism that enables remote code execution. Attackers with local access and low privileges can exploit this flaw to execute arbitrary code, escalate privileges, disclose sensitive information, and tamper with data. The vulnerability has a CVSS score of 7.8 and affects all versions of NVIDIA Megatron-LM based on available CPE data.
A deserialization of untrusted data vulnerability exists in DTStack chunjun versions prior to 1.16.1, specifically in the GsonUtil.java module within chunjun-core. An attacker can exploit this CWE-502 flaw to execute arbitrary code by crafting malicious serialized objects that are processed during deserialization. The vulnerability is reportedly patched as of version 1.16.1, with a patch available from the vendor via GitHub pull request #1939.
A critical remote code execution vulnerability exists in PTC Windchill PDMLink and PTC FlexPLM products due to unsafe deserialization of untrusted data, allowing unauthenticated attackers to execute arbitrary code on affected systems. The vulnerability affects multiple versions of both products spanning from version 11.0 through 13.1.3.0 for Windchill and 11.0 through 13.0.3.0 for FlexPLM. An attacker can craft malicious serialized objects that, when deserialized by the vulnerable application, trigger code execution with the privileges of the Windchill or FlexPLM service account.
A deserialization vulnerability exists in PyTorch 2.10.0 within the pt2 Loading Handler component, allowing local attackers with low privileges to achieve confidentiality, integrity, and availability impacts through untrusted data processing. The vulnerability (CWE-502) is confirmed to have a publicly available exploit and has been reported to the project via pull request PR#176791, though remediation status remains unclear. With a CVSS score of 5.3 and exploitation probability marked as probable (E:P), this represents a moderate real-world risk primarily affecting local development and deployment environments.
This is a deserialization of untrusted data vulnerability (PHP Object Injection) in the TotalContest Lite WordPress plugin that allows authenticated attackers with high-level privileges to inject arbitrary PHP objects. The vulnerability affects all versions through 2.9.1 of the TotalContest Lite plugin from TotalSuite. With a CVSS score of 7.2, successful exploitation can lead to high impact on confidentiality, integrity, and availability of the affected system.
Unsafe deserialization in SuiteCRM versions up to 8.9.2 allows authenticated administrators to execute arbitrary system commands on the server through the SavedSearch filter processing component. The vulnerability stems from FilterDefinitionProvider.php unserializing user-controlled data read from the database without restricting which classes may be instantiated (PHP's allowed_classes option), so an attacker who can write a crafted serialized string into that data controls which objects are created. SuiteCRM 8.9.3 and later versions contain the fix.
Heap buffer overflow in wolfSSL's session deserialization function allows local attackers with low privileges to corrupt heap memory by crafting malicious session data with invalid certificate lengths. The vulnerability affects systems with SESSION_CERTS enabled that load external session data, requiring user interaction or specific configuration to exploit. No patch is currently available.
A critical validation bypass vulnerability in the ormar Python ORM library allows attackers to completely skip all Pydantic field validation by injecting a special '__pk_only__' parameter in JSON request bodies. This affects all applications using ormar's canonical FastAPI integration pattern (where ormar models are used directly as request body parameters), enabling attackers to persist invalid data, bypass security constraints, and potentially escalate privileges. A working proof-of-concept demonstrates the vulnerability is trivially exploitable, and with a CVSS score of 7.1, it poses significant risk to affected applications.
BMC FootPrints ITSM contains a critical deserialization vulnerability in ASP.NET VIEWSTATE handling that allows authenticated attackers to execute arbitrary code remotely. Versions 20.20.02 through 20.24.01.001 are affected, and attackers with valid credentials can fully compromise the application by injecting malicious serialized objects. Security researchers from watchTowr have published detailed analysis of this vulnerability, significantly increasing exploitation risk.
WishList Member X, a WordPress membership plugin, contains a deserialization of untrusted data vulnerability that allows authenticated attackers with low-level privileges to perform PHP object injection attacks. This affects all versions up to and including 3.29.0. The vulnerability has a CVSS score of 8.8, indicating high severity with potential for complete compromise of confidentiality, integrity, and availability. There is no indication of active exploitation in KEV data, but the vulnerability has been publicly disclosed by Patchstack.
A deserialization of untrusted data vulnerability in the Themeton Finag WordPress theme allows remote attackers to inject malicious PHP objects without authentication. This affects all versions of Finag through 1.5.0. The vulnerability carries a critical CVSS score of 9.8 due to network-based exploitation requiring no privileges or user interaction, enabling attackers to achieve complete compromise of confidentiality, integrity, and availability.
A critical PHP object injection vulnerability exists in the Zuut WordPress theme due to insecure deserialization of untrusted data. The vulnerability affects all versions of Zuut through 1.4.2 and allows unauthenticated remote attackers to execute arbitrary PHP code, potentially leading to complete site compromise. With a CVSS score of 9.8, this vulnerability requires no privileges or user interaction and can be exploited over the network with low complexity.
The ColorFolio Freelance Designer WordPress Theme versions up to 1.3 contains a deserialization of untrusted data vulnerability that allows attackers to perform PHP Object Injection. This enables remote unauthenticated attackers to execute arbitrary code or manipulate application logic, though exploitation requires high attack complexity. There is no evidence of active exploitation (not in CISA KEV), and EPSS score data is not provided, but the vulnerability has been publicly disclosed by Patchstack.
OmniGen2-RL reward server component contains an unauthenticated remote code execution vulnerability allowing attackers to execute arbitrary commands through malicious HTTP POST requests exploiting insecure pickle deserialization. The vulnerability affects Beijing Academy of Artificial Intelligence (BAAI)'s OmniGen2-RL software with a critical CVSS score of 9.8. A public proof-of-concept exploit is available and a patch has been released by the vendor, making this an immediate priority for organizations running exposed instances.
Memory exhaustion in Python's pickle deserialization allows attackers to crash applications by supplying a small malicious payload that forces allocation of gigabytes of memory through unrestricted constructor arguments to allow-listed classes. Applications that follow the `_RestrictedUnpickler` pattern to load untrusted pickle data remain exposed to denial of service, because the allow-list restricts which callables the unpickler will resolve, not the arguments the payload passes to them. A patch is available.
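The two pickle entries above (the OmniGen2-RL reward server accepting pickle over HTTP, and the `_RestrictedUnpickler` memory-exhaustion issue) share one mechanism: a pickle stream is a program that calls callables with attacker-chosen arguments. The following added example is not code from any advisory or project on this page. It reproduces the `find_class` allow-list from the Python pickle documentation, shows that it stops an `os.system` payload, then shows that a payload under 100 bytes can still request a set of 10^12 integers through the allow-listed `range` and `set`, and wraps the allowed callables with argument bounds so the request is refused before anything is allocated. The cap `MAX_ELEMENTS` and the `_SetBomb` payload class are constructed for the demonstration.

```python
"""Allow-listed unpickling still runs attacker-chosen arguments.

Added example, not the code of any project named on this page. The
RestrictedUnpickler below follows the allow-list recipe from the Python
pickle documentation; BoundedUnpickler is an added hardening layer.
"""
import builtins
import io
import os
import pickle

# Allow-list in the style of the pickle documentation's RestrictedUnpickler.
SAFE_BUILTINS = {"range", "complex", "set", "frozenset", "slice"}

# Constructed cap for this demo: the most elements any rebuilt object may hold.
MAX_ELEMENTS = 1 << 16


class RestrictedUnpickler(pickle.Unpickler):
    """Resolves only allow-listed builtins; every other GLOBAL is refused."""

    def find_class(self, module, name):
        if module == "builtins" and name in SAFE_BUILTINS:
            return getattr(builtins, name)
        raise pickle.UnpicklingError(f"global '{module}.{name}' is forbidden")


class _SetBomb:
    """Constructed payload: reduces to set(range(n)) using only allow-listed names."""

    def __init__(self, n):
        self.n = n

    def __reduce__(self):
        # range pickles as range(start, stop, step); set is rebuilt from it.
        return (set, (range(self.n),))


class _CommandProbe:
    """What the allow-list is meant to stop: a GLOBAL that reaches os.system."""

    def __reduce__(self):
        return (os.system, ("true",))


def build_payload(n):
    # Protocol 4 keeps the module name 'builtins'; older protocols rewrite it
    # to '__builtin__' before find_class sees it, which would miss the list.
    return pickle.dumps(_SetBomb(n), protocol=4)


def build_rce_probe():
    return pickle.dumps(_CommandProbe(), protocol=4)


def _bounded_range(*args):
    r = range(*args)            # lazy: computing len() allocates nothing
    if len(r) > MAX_ELEMENTS:
        raise pickle.UnpicklingError(f"range of {len(r)} elements exceeds cap")
    return r


def _bounded_collection(factory):
    def build(*args):
        if args:
            src = args[0]
            # Refuse unsized sources outright: an unsized iterable has no cap.
            if not hasattr(src, "__len__") or len(src) > MAX_ELEMENTS:
                raise pickle.UnpicklingError(
                    f"{factory.__name__}() input is unsized or exceeds cap")
        return factory(*args)
    return build


# Allowed callables that can allocate in proportion to their arguments.
BOUNDED = {
    "range": _bounded_range,
    "set": _bounded_collection(set),
    "frozenset": _bounded_collection(frozenset),
}


class BoundedUnpickler(RestrictedUnpickler):
    """Same allow-list, but allocating callables are replaced by checked wrappers."""

    def find_class(self, module, name):
        target = super().find_class(module, name)   # enforces the allow-list
        return BOUNDED.get(name, target)            # module is 'builtins' here


def load_restricted(data):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def load_bounded(data):
    return BoundedUnpickler(io.BytesIO(data)).load()


def refuses(loader, data):
    """True if the loader rejects the payload without building the object."""
    try:
        loader(data)
    except pickle.UnpicklingError:
        return True
    return False


if __name__ == "__main__":
    bomb = build_payload(10 ** 12)
    print(len(bomb), "bytes ask for 10^12 integers")        # well under 100
    print("allow-list stops os.system:", refuses(load_restricted, build_rce_probe()))
    print("bounded loader stops the bomb:", refuses(load_bounded, bomb))
    # Deliberately never call load_restricted(bomb): it would exhaust memory.
```

The bounded loader only addresses the allocation path that the allow-list leaves open; it is not a substitute for keeping pickle away from untrusted input. Where a service must accept serialized objects over the network, as in the reward-server case above, a schema-checked format such as JSON removes the problem rather than bounding it.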