Deserialization
Monthly
In Infoblox NIOS through 9.0.7, insecure deserialization can result in remote code execution. [CVSS 8.8 HIGH]
{method} and /execute/{method} feed attacker-supplied request bodies straight into pickle.loads(), and the intended nonce authorization gate is bypassed because the nonce defaults to an empty string and is skipped by default. A detailed technical write-up (chocapikk.com) and a VulnCheck advisory describe the flaw; it is not listed in CISA KEV and EPSS is low (0.14%, 34th percentile), indicating no evidence of widespread active exploitation.
PHP object injection in wpForo Forum plugin versions up to 2.4.13 allows authenticated subscribers and above to deserialize untrusted data, potentially enabling arbitrary file deletion, data theft, or code execution if a POP chain exists in installed plugins or themes. The vulnerability requires an additional gadget chain to be exploitable, making its impact dependent on the broader plugin ecosystem of the target WordPress installation.
WP eCommerce WordPre versions up to 3.15.1 is affected by deserialization of untrusted data (CVSS 6.5).
Deserialization of untrusted data in Azure SDK allows unauthorized code execution over a network. EPSS 0.32%.
Microsoft Outlook's unsafe deserialization of untrusted data enables remote attackers to spoof messages and identities without authentication over the network. This vulnerability affects Outlook, Word, and Microsoft 365 Apps, allowing attackers to impersonate legitimate senders and deceive users. No patch is currently available, making this a high-risk threat requiring immediate defensive measures.
Denial of service in SAP NetWeaver's JMS service stems from unsafe deserialization of malicious objects, allowing authenticated administrators with local access to crash the application. The vulnerability requires high privileges and local access but carries no risk to confidentiality or integrity. No patch is currently available.
my little forum PHP forum software has an unrestricted file upload allowing authenticated users to upload dangerous file types.
Unsafe deserialization in yuan1994 tpadmin versions up to 1.3.12 allows remote attackers to execute arbitrary code via the WebUploader preview.php component without authentication. Public exploit code exists for this vulnerability, and affected installations running unsupported versions face immediate risk. The flaw enables complete system compromise with no patch available from the maintainer.
EPyT-Flow hydraulic simulation package has a CVSS 10.0 insecure deserialization enabling code execution when loading simulation scenario files.
CraftCMS 3 vCard Plugin 1.0.0 has an insecure deserialization vulnerability allowing unauthenticated remote code execution through crafted vCard data.
Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5668. [CVSS 7.2 HIGH]
Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5680. [CVSS 7.5 HIGH]
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). [CVSS 7.5 HIGH]
Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. [CVSS 8.4 HIGH]
pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. [CVSS 6.5 MEDIUM]
magepeopleteam WpEvently mage-eventpress is affected by deserialization of untrusted data (CVSS 8.8).
Salt's junos execution module contained an unsafe YAML decode/load usage. A specially crafted YAML payload processed by the junos module could lead to unintended code execution under the context of the Salt process. [CVSS 7.8 HIGH]
Unsafe deserialization in Bolo Solo up to version 2.6.4 through the SnakeYAML component allows authenticated attackers to execute arbitrary code remotely via the importMarkdownsSync function. Public exploit code exists for this vulnerability and no patch is currently available. Authenticated users with access to the backup functionality can trigger this flaw to compromise affected systems.
SolarWinds Web Help Desk has a second deserialization vulnerability (EPSS 11.9%) providing another unauthenticated RCE path alongside CVE-2025-40551.
SolarWinds Web Help Desk contains an unauthenticated Java deserialization vulnerability (CVE-2025-40551, CVSS 9.8) that enables remote code execution. With EPSS 80.6% and KEV listing, this is the more severe of two concurrent WHD vulnerabilities, allowing attackers to execute arbitrary commands on the host server without any credentials.
Unsafe deserialization in PHPUnit versions before 8.5.52, 9.6.33, 10.5.62, 11.5.50, and 12.5.8 allows local attackers to execute arbitrary code by placing malicious serialized objects in `.coverage` files that are deserialized without validation during PHPT test execution. An attacker with file write access can exploit the `cleanupForCoverage()` method's lack of object class restrictions to trigger gadget chains through `__wakeup()` methods. This high-severity vulnerability (CVSS 7.8) affects developers and CI/CD systems running PHPUnit on Linux systems.
Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in datavane tis (tis-plugin/src/main/java/com/qlangtech/tis/extension/impl modules). This vulnerability is associated with program files XmlFile.Java.
Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. [CVSS 3.7 LOW]
Upsonic has an insecure deserialization via cloudpickle (EPSS 1.3%) enabling remote code execution through crafted serialized AI agent data.
Remote code execution in Langflow's disk cache service allows authenticated attackers to execute arbitrary code by exploiting improper deserialization of untrusted data. The vulnerability affects Langflow installations and requires valid authentication credentials to exploit, enabling attackers to gain code execution within the service account context. No patch is currently available.
GPT Academic has a second insecure deserialization vulnerability in the upload function (EPSS 1.5%) allowing remote code execution through crafted file uploads.
GPT Academic has an insecure deserialization in run_in_subprocess_wrapper_func (EPSS 1.7%) enabling remote code execution through crafted subprocess data.
Remote code execution in GPT Academic's stream_daas function results from improper deserialization of untrusted data when communicating with external servers, allowing unauthenticated attackers to execute arbitrary code with root privileges. The vulnerability requires interaction with a malicious DAAS server and currently has no available patch. Organizations using GPT Academic should implement network controls to restrict connections to untrusted DAAS services until patching is available.
MetaGPT by Foundation Agents has an insecure deserialization in deserialize_message (EPSS 1.7%) enabling remote code execution through crafted serialized data in AI agent communications.
Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. [CVSS 7.8 HIGH]
Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. [CVSS 7.8 HIGH]
Anritsu ShockLine CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu ShockLine. [CVSS 7.8 HIGH]
Deserialization of Untrusted Data vulnerability in fuelthemes North north-wp allows Object Injection.This issue affects North: from n/a through <= 5.7.5. [CVSS 8.8 HIGH]
ThemeREX Sound/musicplace WordPress theme has an insecure deserialization vulnerability enabling PHP object injection and potential remote code execution.
strongholdthemes Tech Life CPT techlife-cpt is affected by deserialization of untrusted data (CVSS 8.8).
strongholdthemes Dental Care CPT dentalcare-cpt is affected by deserialization of untrusted data (CVSS 8.8).
Deserialization of Untrusted Data vulnerability in designthemes OneLife onelife allows Object Injection.This issue affects OneLife: from n/a through <= 3.9. [CVSS 8.8 HIGH]
Deserialization of Untrusted Data vulnerability in AivahThemes Anona anona allows Object Injection.This issue affects Anona: from n/a through <= 8.0. [CVSS 8.8 HIGH]
Deserialization of Untrusted Data vulnerability in designthemes Vivagh vivagh allows Object Injection.This issue affects Vivagh: from n/a through <= 2.4. [CVSS 8.8 HIGH]
Deserialization of Untrusted Data vulnerability in Arraytics Eventin wp-event-solution allows Object Injection.This issue affects Eventin: from n/a through <= 4.1.1. [CVSS 8.8 HIGH]
Deserialization of Untrusted Data vulnerability in designthemes Kids Heaven kids-world allows Object Injection.This issue affects Kids Heaven: from n/a through <= 3.2. [CVSS 8.8 HIGH]
Consult Aid WordPress theme has an insecure deserialization vulnerability allowing object injection that can lead to remote code execution.
Deserialization of Untrusted Data vulnerability in artbees JupiterX Core jupiterx-core allows Object Injection.This issue affects JupiterX Core: from n/a through <= 4.10.1. [CVSS 8.5 HIGH]
Remote code execution in Docling Core versions 2.21.0 through 2.48.3 allows unauthenticated attackers to execute arbitrary code when applications deserialize untrusted YAML data using the `DoclingDocument.load_from_yaml()` method with vulnerable PyYAML versions. The vulnerability stems from unsafe deserialization practices (CWE-502) and affects document processing systems using affected library versions. No patch is currently available; mitigation requires upgrading to version 2.48.4 or ensuring PyYAML 5.4+ is installed.
Seroval versions 1.4.0 and below are vulnerable to denial of service attacks due to unbounded recursion when serializing deeply nested objects, allowing remote attackers to crash applications by exceeding the call stack limit. The vulnerability affects the deserialization library's handling of complex data structures without depth validation. Version 1.4.1 introduces a configurable depthLimit parameter to prevent exploitation of this resource exhaustion condition.
Seroval versions 1.4.0 and below are vulnerable to denial of service through malformed deserialization payloads that specify excessively large array lengths, causing the parsing process to consume excessive CPU resources and become unresponsive. An unauthenticated remote attacker can exploit this without user interaction by sending a crafted serialized object to any application using the vulnerable library. The vulnerability has been patched in version 1.4.1.
Seroval versions 1.4.0 and below allow remote attackers to cause denial of service through maliciously crafted RegExp patterns during deserialization, either by exhausting memory with oversized patterns or triggering catastrophic backtracking (ReDoS). The vulnerability requires no authentication or user interaction and affects any application using the library to deserialize untrusted serialized data. A patch is available in version 1.4.1.
Remote code execution in Tendenci CMS versions 15.3.11 and below allows authenticated staff users to execute arbitrary code through unsafe pickle deserialization in the Helpdesk module's reporting function. The vulnerability stems from incomplete patching of CVE-2020-14942, where the run_report() function continues to use unsafe pickle.loads() despite the ticket_list() function being corrected. Public exploit code exists for this issue, though impact is limited to the privileges of the application's runtime user.
Arbitrary code execution in Seroval versions 1.4.0 and below allows authenticated attackers to execute malicious JavaScript through improper deserialization handling in the fromJSON and fromCrossJSON functions. Exploitation requires multiple requests to the affected function and partial knowledge of runtime data usage, but grants full code execution capabilities. A patch is available in version 1.4.1 and later.
Seroval is affected by improperly controlled modification of object prototype attributes (prototype pollution) (CVSS 7.3).
Laravel Reverb WebSocket server versions 1.6.3 and below have an insecure deserialization vulnerability enabling remote code execution on the backend server.
EVerest is an EV charging software stack. Prior to version 2025.10.0, during the deserialization of a `DC_ChargeLoopRes` message that includes Receipt as well as TaxCosts, the vector `<DetailedTax>tax_costs` in the target `Receipt` structure is accessed out of bounds. [CVSS 7.4 HIGH]
PLY (Python Lex-Yacc) library 3.11 has an unsafe feature enabling remote code execution through pickle deserialization of cached parser tables, with EPSS 0.91%.
PHP object injection in the Nexter Extension plugin for WordPress (versions up to 4.4.6) allows unauthenticated remote attackers to deserialize untrusted data, potentially enabling arbitrary code execution, file deletion, or data theft if a compatible POP chain exists in other installed plugins or themes. The vulnerability has a high CVSS score of 8.1 but currently lacks a public exploit chain in the vulnerable software itself. No patch is currently available.
The extension extends TYPO3’ FileSpool component, which was vulnerable to Insecure Deserialization prior to TYPO3-CORE-SA-2026-004 https://typo3.org/security/advisory/typo3-core-sa-2026-004 .
Changjetong T+ (through 16.x) has .NET deserialization RCE in an AjaxPro endpoint. Attacker-controlled JSON triggers deserialization of malicious .NET types. PoC available.
Remote code execution in Azure Core Shared Client Library for Python results from insecure deserialization of untrusted data, allowing authenticated network-based attackers to achieve arbitrary code execution. The vulnerability affects Python applications utilizing the vulnerable library versions, with no patch currently available. This represents a high-severity risk for Azure SDK consumers handling external or user-supplied serialized data.
Microsoft Office SharePoint contains a deserialization vulnerability (CVE-2026-20963) that allows authenticated users to execute arbitrary code over the network through crafted serialized objects. KEV-listed with public PoC, this CVSS 8.8 vulnerability enables any SharePoint user to escalate to server-level code execution, making it a critical threat for organizations relying on SharePoint for document management and collaboration.
Arbitrary PHP code execution in TYPO3 CMS versions 10.0.0 through 14.0.1 through unsafe deserialization of mail spool files, allowing local attackers with write access to the spool directory to execute malicious code when the mailer:spool:send command is executed. Affected versions span multiple release lines including 10.x, 11.x, 12.x, 13.x, and 14.x, requiring immediate patching to prevent web server compromise.
Arbitrary code execution in LlamaIndex (run-llama/llama_index) versions up to and including 0.11.6 occurs when BGEM3Index.load_from_disk() calls pickle.load() on a multi_embed_store.pkl file read from an attacker-controlled persist_dir. A victim who loads a maliciously crafted index directory executes attacker-supplied code in their own process. Publicly available exploit code exists (huntr bounty submission), though EPSS is low (0.08%) and it is not listed in CISA KEV, so there is no public exploit identified as actively exploited.
Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Object Injection.This issue affects DX NetOps Spectrum: 24.3.13 and earlier. [CVSS 8.8 HIGH]
Fickling's static analyzer before version 0.1.7 fails to detect several dangerous Python modules in pickled objects, enabling attackers to craft malicious pickles that bypass safety checks and achieve arbitrary code execution. This vulnerability affects users relying on Fickling to validate untrusted serialized Python objects for safety. Public exploit code exists for this HIGH severity vulnerability, though a patch is available in version 0.1.7 and later.
Fickling before version 0.1.7 allows local attackers to achieve arbitrary code execution through Python pickle deserialization by chaining unblocked ctypes and pydoc modules, bypassing the tool's safety scanner which incorrectly reports malicious files as LIKELY_SAFE. An attacker with user interaction can exploit this vulnerability to execute code with the privileges of the Python process. A patch is available in version 0.1.7 and later.
Fickling's static analyzer through version 0.1.6 fails to properly classify the cProfile module as unsafe during pickle analysis, causing malicious pickles leveraging cProfile.run() to be marked as SUSPICIOUS rather than OVERTLY_MALICIOUS. Organizations using Fickling as a security gate for deserialization decisions may be deceived into executing attacker-controlled code. Public exploit code exists for this vulnerability, and patches are available in version 0.1.7 and later.
Fickling's incomplete pickle analysis allows attackers to bypass security checks by using Python's runpy module to execute arbitrary code. Versions through 0.1.6 misclassify dangerous runpy-based payloads as merely suspicious rather than malicious, enabling code execution on systems that rely on Fickling to validate pickle safety. Public exploit code exists for this vulnerability, though a patch is available in version 0.1.7.
Newsletters WordPress plugin by Tribulant (through 4.11) is vulnerable to PHP object injection through deserialization of untrusted data, potentially leading to RCE via POP chains.
Unsafe deserialization in Bio-Formats up to version 8.3.0 allows local attackers to execute arbitrary code or cause denial of service by crafting malicious .bfmemo cache files that are automatically loaded during image processing without validation. The Memoizer class deserializes untrusted data from these files, enabling potential remote code execution if suitable Java gadget chains are available on the classpath. No patch is currently available for this vulnerability (CVSS 7.8).
RustFS is a distributed object storage system built in Rust. [CVSS 4.0 MEDIUM]
DZS Video Gallery WordPress plugin (through 12.37) is vulnerable to PHP object injection through insecure deserialization. An unauthenticated attacker can inject arbitrary PHP objects, potentially achieving code execution through POP chains.
Deserialization of Untrusted Data vulnerability in Digital zoom studio DZS Video Gallery allows Object Injection.This issue affects DZS Video Gallery: from n/a through 12.25. [CVSS 8.8 HIGH]
Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection.This issue affects Themify Edmin: from n/a through 2.0.0. [CVSS 8.8 HIGH]
A security vulnerability has been detected in milvu versions up to 2.6.7. is affected by improper input validation (CVSS 6.3).
MessagePack for Java versions prior to 0.9.11 are vulnerable to denial-of-service attacks through malicious .msgpack files that exploit unbounded heap allocation when deserializing EXT32 objects. An unauthenticated attacker can craft a small payload with attacker-controlled extension lengths that causes the library to attempt allocating excessive memory, leading to JVM heap exhaustion and service unavailability. Public exploit code exists for this vulnerability; organizations using affected versions should update immediately.
A vulnerability was determined in PluXml up to 5.8.22. Affected is the function FileCookieJar::__destruct of the file core/admin/medias.php of the component Media Management Module. [CVSS 4.7 MEDIUM]
A high-severity remote code execution vulnerability exists in feast-dev/feast version 0.53.0, specifically in the Kubernetes materializer job located at `feast/sdk/python/feast/infra/compute_engines/kubernetes/main.py`. [CVSS 7.8 HIGH]
A flaw has been found in EyouCMS up to 1.7.7. The impacted element is the function unserialize of the file application/api/controller/Ajax.php of the component arcpagelist Handler. Executing a manipulation of the argument attstr can lead to deserialization. The attack can be launched remotely. The exploit has been published and may be used. The vendor is "[a]cknowledging the existence of the vulnerability, we have completed the fix and will release a new version, v1.7.8".
A vulnerability was determined in aizuda snail-job up to 1.7.0 on macOS. Affected by this vulnerability is the function FurySerializer.deserialize of the component API. This manipulation of the argument argsStr causes deserialization. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
A vulnerability has been found in Dromara Sa-Token up to 1.44.0. This issue affects the function ObjectInputStream.readObject of the file SaSerializerTemplateForJdkUseBase64.java. Such manipulation leads to deserialization. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
PHP object injection in Icegram Express Pro (WordPress email marketing plugin) through version 5.9.13 enables unauthenticated remote attackers to execute arbitrary code via unsafe deserialization of user-controlled data. With CVSS 9.8 (critical severity) and network-accessible attack vector requiring no authentication or user interaction, this represents a severe pre-authentication RCE risk. EPSS score of 0.06% (19th percentile) suggests low immediate exploitation probability, and no public exploit or CISA KEV listing identified at time of analysis, though Patchstack disclosure increases attacker awareness.
PHP object injection in PDF for Elementor Forms plugin through version 6.5.0 allows authenticated attackers to execute arbitrary code or manipulate application logic via deserialization of untrusted data. While CVSS scores this 8.8 (High), real-world risk is tempered by authentication requirement (PR:L) and low EPSS score (0.06%, 19th percentile), indicating minimal observed exploitation attempts. No CISA KEV listing or public exploit code identified, suggesting attacks remain theoretical rather than widespread.
Object injection via unsafe deserialization in PDF Invoice Builder for WooCommerce plugin allows authenticated attackers with low privileges to execute arbitrary PHP code, manipulate application objects, or trigger other malicious actions. Affects all versions through 6.5.0. No public exploit identified at time of analysis, with EPSS probability of 0.07% suggesting minimal real-world exploitation activity despite high CVSS score.
Object injection via unsafe deserialization in PDF for WPForms plugin (versions ≤6.5.0) enables authenticated attackers to execute arbitrary PHP code or manipulate application state. The CVSS score of 8.8 reflects network-based exploitation with low complexity requiring only low-privileged authentication. EPSS probability of 0.07% (22nd percentile) suggests limited exploitation likelihood. No public exploit code or CISA KEV listing identified at time of analysis, indicating this remains a theoretical risk requiring proactive patching.
Object injection via unsafe deserialization in PDF for Contact Form 7 WordPress plugin (versions ≤6.5.0) allows authenticated attackers to execute arbitrary PHP code or manipulate application state. Attack requires low-privileged user credentials but no user interaction, with network-accessible attack vector. EPSS probability remains low (0.07%, 22nd percentile) and no active exploitation confirmed at time of analysis. Publicly available exploit code exists per Patchstack disclosure.
PHP object injection in PDF for Gravity Forms + Drag And Drop Template Builder (WordPress plugin) versions up to 6.5.0 allows authenticated attackers with low privileges to execute arbitrary code or manipulate application logic via unsafe deserialization. CVSS 7.5 (High) but EPSS probability of 0.07% (22nd percentile) indicates low observed exploitation likelihood. No public exploit identified at time of analysis, and attack requires high complexity (AC:H) with authenticated access (PR:L).
Deserialization vulnerability in Tiny RDM up to version 1.2.5 allows authenticated remote attackers to trigger unsafe pickle deserialization via the Pickle Decoding component, potentially leading to code execution. The attack requires high complexity and prior authentication, making practical exploitation difficult. Public exploit code is available, but the low EPSS score (0.10%) and absence of active exploitation tracking suggest limited real-world risk at present.
PHP object injection in Doubly Cross Domain Copy Paste plugin (≤1.0.46) allows authenticated attackers with Subscriber-level privileges to execute arbitrary code via deserialized untrusted input from uploaded ZIP archives. Exploitation requires administrators to explicitly enable Subscriber access. Available POP chains enable code execution, file deletion, and sensitive data retrieval. Attack vector requires low privilege (PR:L) authentication with network accessibility and no user interaction. No public exploit identified at time of analysis.
Deserialization of untrusted data in WP Maps WordPress plugin versions up to 4.8.6 allows high-privileged authenticated users to inject and instantiate arbitrary PHP objects, potentially leading to code execution or privilege escalation. While the CVSS score of 6.5 reflects high confidentiality and integrity impact, the requirement for administrator-level privileges (PR:H) and user interaction (UI:R) significantly constrains real-world exploitability. EPSS score of 0.04% indicates minimal observed exploitation likelihood despite the vulnerability's technical severity.
A critical remote code execution vulnerability exists in CSLA .NET framework versions 5.5.4 and below due to insecure deserialization when using WcfProxy with the obsolete NetDataContractSerializer. This vulnerability allows unauthenticated remote attackers to execute arbitrary code on affected systems without user interaction, potentially leading to complete system compromise. While no active exploitation has been reported in CISA KEV and no public POC is mentioned, the vulnerability's network-exposed nature and low attack complexity make it a high-priority security concern.
A serialization bug in matrix-sdk-base allows remote attackers to cause denial-of-service by sending rooms with custom m.room.join_rules values, which stalls the sync process and prevents all room processing. The vulnerability affects matrix-sdk-base versions 0.14.1 and prior and has a high availability impact (CVSS 7.5) with a patch available in version 0.16.0. With a low EPSS score of 0.06% and no KEV listing, this represents a moderate real-world risk primarily concerning service availability rather than active exploitation.
In Infoblox NIOS through 9.0.7, insecure deserialization can result in remote code execution. [CVSS 8.8 HIGH]
{method} and /execute/{method} feed attacker-supplied request bodies straight into pickle.loads(), and the intended nonce authorization gate is bypassed because the nonce defaults to an empty string and is skipped by default. A detailed technical write-up (chocapikk.com) and a VulnCheck advisory describe the flaw; it is not listed in CISA KEV and EPSS is low (0.14%, 34th percentile), indicating no evidence of widespread active exploitation.
PHP object injection in wpForo Forum plugin versions up to 2.4.13 allows authenticated subscribers and above to deserialize untrusted data, potentially enabling arbitrary file deletion, data theft, or code execution if a POP chain exists in installed plugins or themes. The vulnerability requires an additional gadget chain to be exploitable, making its impact dependent on the broader plugin ecosystem of the target WordPress installation.
WP eCommerce WordPre versions up to 3.15.1 is affected by deserialization of untrusted data (CVSS 6.5).
Deserialization of untrusted data in Azure SDK allows unauthorized code execution over a network. EPSS 0.32%.
Microsoft Outlook's unsafe deserialization of untrusted data enables remote attackers to spoof messages and identities without authentication over the network. This vulnerability affects Outlook, Word, and Microsoft 365 Apps, allowing attackers to impersonate legitimate senders and deceive users. No patch is currently available, making this a high-risk threat requiring immediate defensive measures.
Denial of service in SAP NetWeaver's JMS service stems from unsafe deserialization of malicious objects, allowing authenticated administrators with local access to crash the application. The vulnerability requires high privileges and local access but carries no risk to confidentiality or integrity. No patch is currently available.
my little forum PHP forum software has an unrestricted file upload allowing authenticated users to upload dangerous file types.
Unsafe deserialization in yuan1994 tpadmin versions up to 1.3.12 allows remote attackers to execute arbitrary code via the WebUploader preview.php component without authentication. Public exploit code exists for this vulnerability, and affected installations running unsupported versions face immediate risk. The flaw enables complete system compromise with no patch available from the maintainer.
EPyT-Flow hydraulic simulation package has a CVSS 10.0 insecure deserialization enabling code execution when loading simulation scenario files.
CraftCMS 3 vCard Plugin 1.0.0 has an insecure deserialization vulnerability allowing unauthenticated remote code execution through crafted vCard data.
Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5668. [CVSS 7.2 HIGH]
Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5680. [CVSS 7.5 HIGH]
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). [CVSS 7.5 HIGH]
Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. [CVSS 8.4 HIGH]
pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. [CVSS 6.5 MEDIUM]
magepeopleteam WpEvently mage-eventpress is affected by deserialization of untrusted data (CVSS 8.8).
Salt's junos execution module contained an unsafe YAML decode/load usage. A specially crafted YAML payload processed by the junos module could lead to unintended code execution under the context of the Salt process. [CVSS 7.8 HIGH]
Unsafe deserialization in Bolo Solo up to version 2.6.4 through the SnakeYAML component allows authenticated attackers to execute arbitrary code remotely via the importMarkdownsSync function. Public exploit code exists for this vulnerability and no patch is currently available. Authenticated users with access to the backup functionality can trigger this flaw to compromise affected systems.
SolarWinds Web Help Desk has a second deserialization vulnerability (EPSS 11.9%) providing another unauthenticated RCE path alongside CVE-2025-40551.
SolarWinds Web Help Desk contains an unauthenticated Java deserialization vulnerability (CVE-2025-40551, CVSS 9.8) that enables remote code execution. With EPSS 80.6% and KEV listing, this is the more severe of two concurrent WHD vulnerabilities, allowing attackers to execute arbitrary commands on the host server without any credentials.
Unsafe deserialization in PHPUnit versions before 8.5.52, 9.6.33, 10.5.62, 11.5.50, and 12.5.8 allows local attackers to execute arbitrary code by placing malicious serialized objects in `.coverage` files that are deserialized without validation during PHPT test execution. An attacker with file write access can exploit the `cleanupForCoverage()` method's lack of object class restrictions to trigger gadget chains through `__wakeup()` methods. This high-severity vulnerability (CVSS 7.8) affects developers and CI/CD systems running PHPUnit on Linux systems.
Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in datavane tis (tis-plugin/src/main/java/com/qlangtech/tis/extension/impl modules). This vulnerability is associated with program files XmlFile.Java.
Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. [CVSS 3.7 LOW]
Upsonic has an insecure deserialization via cloudpickle (EPSS 1.3%) enabling remote code execution through crafted serialized AI agent data.
Remote code execution in Langflow's disk cache service allows authenticated attackers to execute arbitrary code by exploiting improper deserialization of untrusted data. The vulnerability affects Langflow installations and requires valid authentication credentials to exploit, enabling attackers to gain code execution within the service account context. No patch is currently available.
GPT Academic has a second insecure deserialization vulnerability in the upload function (EPSS 1.5%) allowing remote code execution through crafted file uploads.
GPT Academic has an insecure deserialization in run_in_subprocess_wrapper_func (EPSS 1.7%) enabling remote code execution through crafted subprocess data.
Remote code execution in GPT Academic's stream_daas function results from improper deserialization of untrusted data when communicating with external servers, allowing unauthenticated attackers to execute arbitrary code with root privileges. The vulnerability requires interaction with a malicious DAAS server and currently has no available patch. Organizations using GPT Academic should implement network controls to restrict connections to untrusted DAAS services until patching is available.
MetaGPT by Foundation Agents has an insecure deserialization in deserialize_message (EPSS 1.7%) enabling remote code execution through crafted serialized data in AI agent communications.
Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. [CVSS 7.8 HIGH]
Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. [CVSS 7.8 HIGH]
Anritsu ShockLine CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu ShockLine. [CVSS 7.8 HIGH]
Deserialization of Untrusted Data vulnerability in fuelthemes North north-wp allows Object Injection.This issue affects North: from n/a through <= 5.7.5. [CVSS 8.8 HIGH]
ThemeREX Sound/musicplace WordPress theme has an insecure deserialization vulnerability enabling PHP object injection and potential remote code execution.
strongholdthemes Tech Life CPT techlife-cpt is affected by deserialization of untrusted data (CVSS 8.8).
strongholdthemes Dental Care CPT dentalcare-cpt is affected by deserialization of untrusted data (CVSS 8.8).
Deserialization of Untrusted Data vulnerability in designthemes OneLife onelife allows Object Injection.This issue affects OneLife: from n/a through <= 3.9. [CVSS 8.8 HIGH]
Deserialization of Untrusted Data vulnerability in AivahThemes Anona anona allows Object Injection.This issue affects Anona: from n/a through <= 8.0. [CVSS 8.8 HIGH]
Deserialization of Untrusted Data vulnerability in designthemes Vivagh vivagh allows Object Injection.This issue affects Vivagh: from n/a through <= 2.4. [CVSS 8.8 HIGH]
Deserialization of Untrusted Data vulnerability in Arraytics Eventin wp-event-solution allows Object Injection.This issue affects Eventin: from n/a through <= 4.1.1. [CVSS 8.8 HIGH]
Deserialization of Untrusted Data vulnerability in designthemes Kids Heaven kids-world allows Object Injection.This issue affects Kids Heaven: from n/a through <= 3.2. [CVSS 8.8 HIGH]
Consult Aid WordPress theme has an insecure deserialization vulnerability allowing object injection that can lead to remote code execution.
Deserialization of Untrusted Data vulnerability in artbees JupiterX Core jupiterx-core allows Object Injection.This issue affects JupiterX Core: from n/a through <= 4.10.1. [CVSS 8.5 HIGH]
Remote code execution in Docling Core versions 2.21.0 through 2.48.3 allows unauthenticated attackers to execute arbitrary code when applications deserialize untrusted YAML data using the `DoclingDocument.load_from_yaml()` method with vulnerable PyYAML versions. The vulnerability stems from unsafe deserialization practices (CWE-502) and affects document processing systems using affected library versions. No patch is currently available; mitigation requires upgrading to version 2.48.4 or ensuring PyYAML 5.4+ is installed.
Seroval versions 1.4.0 and below are vulnerable to denial of service attacks due to unbounded recursion when serializing deeply nested objects, allowing remote attackers to crash applications by exceeding the call stack limit. The vulnerability affects the deserialization library's handling of complex data structures without depth validation. Version 1.4.1 introduces a configurable depthLimit parameter to prevent exploitation of this resource exhaustion condition.
Seroval versions 1.4.0 and below are vulnerable to denial of service through malformed deserialization payloads that specify excessively large array lengths, causing the parsing process to consume excessive CPU resources and become unresponsive. An unauthenticated remote attacker can exploit this without user interaction by sending a crafted serialized object to any application using the vulnerable library. The vulnerability has been patched in version 1.4.1.
Seroval versions 1.4.0 and below allow remote attackers to cause denial of service through maliciously crafted RegExp patterns during deserialization, either by exhausting memory with oversized patterns or triggering catastrophic backtracking (ReDoS). The vulnerability requires no authentication or user interaction and affects any application using the library to deserialize untrusted serialized data. A patch is available in version 1.4.1.
Remote code execution in Tendenci CMS versions 15.3.11 and below allows authenticated staff users to execute arbitrary code through unsafe pickle deserialization in the Helpdesk module's reporting function. The vulnerability stems from incomplete patching of CVE-2020-14942, where the run_report() function continues to use unsafe pickle.loads() despite the ticket_list() function being corrected. Public exploit code exists for this issue, though impact is limited to the privileges of the application's runtime user.
Arbitrary code execution in Seroval versions 1.4.0 and below allows authenticated attackers to execute malicious JavaScript through improper deserialization handling in the fromJSON and fromCrossJSON functions. Exploitation requires multiple requests to the affected function and partial knowledge of runtime data usage, but grants full code execution capabilities. A patch is available in version 1.4.1 and later.
Seroval is affected by improperly controlled modification of object prototype attributes (prototype pollution) (CVSS 7.3).
Laravel Reverb WebSocket server versions 1.6.3 and below have an insecure deserialization vulnerability enabling remote code execution on the backend server.
EVerest is an EV charging software stack. Prior to version 2025.10.0, during the deserialization of a `DC_ChargeLoopRes` message that includes Receipt as well as TaxCosts, the vector `<DetailedTax>tax_costs` in the target `Receipt` structure is accessed out of bounds. [CVSS 7.4 HIGH]
PLY (Python Lex-Yacc) library 3.11 has an unsafe feature enabling remote code execution through pickle deserialization of cached parser tables, with EPSS 0.91%.
PHP object injection in the Nexter Extension plugin for WordPress (versions up to 4.4.6) allows unauthenticated remote attackers to deserialize untrusted data, potentially enabling arbitrary code execution, file deletion, or data theft if a compatible POP chain exists in other installed plugins or themes. The vulnerability has a high CVSS score of 8.1 but currently lacks a public exploit chain in the vulnerable software itself. No patch is currently available.
The extension extends TYPO3’ FileSpool component, which was vulnerable to Insecure Deserialization prior to TYPO3-CORE-SA-2026-004 https://typo3.org/security/advisory/typo3-core-sa-2026-004 .
Changjetong T+ (through 16.x) has .NET deserialization RCE in an AjaxPro endpoint. Attacker-controlled JSON triggers deserialization of malicious .NET types. PoC available.
Remote code execution in Azure Core Shared Client Library for Python results from insecure deserialization of untrusted data, allowing authenticated network-based attackers to achieve arbitrary code execution. The vulnerability affects Python applications utilizing the vulnerable library versions, with no patch currently available. This represents a high-severity risk for Azure SDK consumers handling external or user-supplied serialized data.
Microsoft Office SharePoint contains a deserialization vulnerability (CVE-2026-20963) that allows authenticated users to execute arbitrary code over the network through crafted serialized objects. KEV-listed with public PoC, this CVSS 8.8 vulnerability enables any SharePoint user to escalate to server-level code execution, making it a critical threat for organizations relying on SharePoint for document management and collaboration.
Arbitrary PHP code execution in TYPO3 CMS versions 10.0.0 through 14.0.1 through unsafe deserialization of mail spool files, allowing local attackers with write access to the spool directory to execute malicious code when the mailer:spool:send command is executed. Affected versions span multiple release lines including 10.x, 11.x, 12.x, 13.x, and 14.x, requiring immediate patching to prevent web server compromise.
Arbitrary code execution in LlamaIndex (run-llama/llama_index) versions up to and including 0.11.6 occurs when BGEM3Index.load_from_disk() calls pickle.load() on a multi_embed_store.pkl file read from an attacker-controlled persist_dir. A victim who loads a maliciously crafted index directory executes attacker-supplied code in their own process. Publicly available exploit code exists (huntr bounty submission), though EPSS is low (0.08%) and it is not listed in CISA KEV, so there is no public exploit identified as actively exploited.
Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Object Injection.This issue affects DX NetOps Spectrum: 24.3.13 and earlier. [CVSS 8.8 HIGH]
Fickling's static analyzer before version 0.1.7 fails to detect several dangerous Python modules in pickled objects, enabling attackers to craft malicious pickles that bypass safety checks and achieve arbitrary code execution. This vulnerability affects users relying on Fickling to validate untrusted serialized Python objects for safety. Public exploit code exists for this HIGH severity vulnerability, though a patch is available in version 0.1.7 and later.
Fickling before version 0.1.7 allows local attackers to achieve arbitrary code execution through Python pickle deserialization by chaining unblocked ctypes and pydoc modules, bypassing the tool's safety scanner which incorrectly reports malicious files as LIKELY_SAFE. An attacker with user interaction can exploit this vulnerability to execute code with the privileges of the Python process. A patch is available in version 0.1.7 and later.
Fickling's static analyzer through version 0.1.6 fails to properly classify the cProfile module as unsafe during pickle analysis, causing malicious pickles leveraging cProfile.run() to be marked as SUSPICIOUS rather than OVERTLY_MALICIOUS. Organizations using Fickling as a security gate for deserialization decisions may be deceived into executing attacker-controlled code. Public exploit code exists for this vulnerability, and patches are available in version 0.1.7 and later.
Fickling's incomplete pickle analysis allows attackers to bypass security checks by using Python's runpy module to execute arbitrary code. Versions through 0.1.6 misclassify dangerous runpy-based payloads as merely suspicious rather than malicious, enabling code execution on systems that rely on Fickling to validate pickle safety. Public exploit code exists for this vulnerability, though a patch is available in version 0.1.7.
Newsletters WordPress plugin by Tribulant (through 4.11) is vulnerable to PHP object injection through deserialization of untrusted data, potentially leading to RCE via POP chains.
Unsafe deserialization in Bio-Formats up to version 8.3.0 allows local attackers to execute arbitrary code or cause denial of service by crafting malicious .bfmemo cache files that are automatically loaded during image processing without validation. The Memoizer class deserializes untrusted data from these files, enabling potential remote code execution if suitable Java gadget chains are available on the classpath. No patch is currently available for this vulnerability (CVSS 7.8).
RustFS is a distributed object storage system built in Rust. [CVSS 4.0 MEDIUM]
DZS Video Gallery WordPress plugin (through 12.37) is vulnerable to PHP object injection through insecure deserialization. An unauthenticated attacker can inject arbitrary PHP objects, potentially achieving code execution through POP chains.
Deserialization of Untrusted Data vulnerability in Digital zoom studio DZS Video Gallery allows Object Injection.This issue affects DZS Video Gallery: from n/a through 12.25. [CVSS 8.8 HIGH]
Deserialization of Untrusted Data vulnerability in Themify Themify Edmin allows Object Injection.This issue affects Themify Edmin: from n/a through 2.0.0. [CVSS 8.8 HIGH]
A security vulnerability has been detected in milvu versions up to 2.6.7. is affected by improper input validation (CVSS 6.3).
MessagePack for Java versions prior to 0.9.11 are vulnerable to denial-of-service attacks through malicious .msgpack files that exploit unbounded heap allocation when deserializing EXT32 objects. An unauthenticated attacker can craft a small payload with attacker-controlled extension lengths that causes the library to attempt allocating excessive memory, leading to JVM heap exhaustion and service unavailability. Public exploit code exists for this vulnerability; organizations using affected versions should update immediately.
A vulnerability was determined in PluXml up to 5.8.22. Affected is the function FileCookieJar::__destruct of the file core/admin/medias.php of the component Media Management Module. [CVSS 4.7 MEDIUM]
A high-severity remote code execution vulnerability exists in feast-dev/feast version 0.53.0, specifically in the Kubernetes materializer job located at `feast/sdk/python/feast/infra/compute_engines/kubernetes/main.py`. [CVSS 7.8 HIGH]
A flaw has been found in EyouCMS up to 1.7.7. The impacted element is the function unserialize of the file application/api/controller/Ajax.php of the component arcpagelist Handler. Executing a manipulation of the argument attstr can lead to deserialization. The attack can be launched remotely. The exploit has been published and may be used. The vendor is "[a]cknowledging the existence of the vulnerability, we have completed the fix and will release a new version, v1.7.8".
A vulnerability was determined in aizuda snail-job up to 1.7.0 on macOS. Affected by this vulnerability is the function FurySerializer.deserialize of the component API. This manipulation of the argument argsStr causes deserialization. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
A vulnerability has been found in Dromara Sa-Token up to 1.44.0. This issue affects the function ObjectInputStream.readObject of the file SaSerializerTemplateForJdkUseBase64.java. Such manipulation leads to deserialization. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
PHP object injection in Icegram Express Pro (WordPress email marketing plugin) through version 5.9.13 enables unauthenticated remote attackers to execute arbitrary code via unsafe deserialization of user-controlled data. With CVSS 9.8 (critical severity) and network-accessible attack vector requiring no authentication or user interaction, this represents a severe pre-authentication RCE risk. EPSS score of 0.06% (19th percentile) suggests low immediate exploitation probability, and no public exploit or CISA KEV listing identified at time of analysis, though Patchstack disclosure increases attacker awareness.
PHP object injection in PDF for Elementor Forms plugin through version 6.5.0 allows authenticated attackers to execute arbitrary code or manipulate application logic via deserialization of untrusted data. While CVSS scores this 8.8 (High), real-world risk is tempered by authentication requirement (PR:L) and low EPSS score (0.06%, 19th percentile), indicating minimal observed exploitation attempts. No CISA KEV listing or public exploit code identified, suggesting attacks remain theoretical rather than widespread.
Object injection via unsafe deserialization in PDF Invoice Builder for WooCommerce plugin allows authenticated attackers with low privileges to execute arbitrary PHP code, manipulate application objects, or trigger other malicious actions. Affects all versions through 6.5.0. No public exploit identified at time of analysis, with EPSS probability of 0.07% suggesting minimal real-world exploitation activity despite high CVSS score.
Object injection via unsafe deserialization in PDF for WPForms plugin (versions ≤6.5.0) enables authenticated attackers to execute arbitrary PHP code or manipulate application state. The CVSS score of 8.8 reflects network-based exploitation with low complexity requiring only low-privileged authentication. EPSS probability of 0.07% (22nd percentile) suggests limited exploitation likelihood. No public exploit code or CISA KEV listing identified at time of analysis, indicating this remains a theoretical risk requiring proactive patching.
Object injection via unsafe deserialization in PDF for Contact Form 7 WordPress plugin (versions ≤6.5.0) allows authenticated attackers to execute arbitrary PHP code or manipulate application state. Attack requires low-privileged user credentials but no user interaction, with network-accessible attack vector. EPSS probability remains low (0.07%, 22nd percentile) and no active exploitation confirmed at time of analysis. Publicly available exploit code exists per Patchstack disclosure.
PHP object injection in PDF for Gravity Forms + Drag And Drop Template Builder (WordPress plugin) versions up to 6.5.0 allows authenticated attackers with low privileges to execute arbitrary code or manipulate application logic via unsafe deserialization. CVSS 7.5 (High) but EPSS probability of 0.07% (22nd percentile) indicates low observed exploitation likelihood. No public exploit identified at time of analysis, and attack requires high complexity (AC:H) with authenticated access (PR:L).
Deserialization vulnerability in Tiny RDM up to version 1.2.5 allows authenticated remote attackers to trigger unsafe pickle deserialization via the Pickle Decoding component, potentially leading to code execution. The attack requires high complexity and prior authentication, making practical exploitation difficult. Public exploit code is available, but the low EPSS score (0.10%) and absence of active exploitation tracking suggest limited real-world risk at present.
PHP object injection in Doubly Cross Domain Copy Paste plugin (≤1.0.46) allows authenticated attackers with Subscriber-level privileges to execute arbitrary code via deserialized untrusted input from uploaded ZIP archives. Exploitation requires administrators to explicitly enable Subscriber access. Available POP chains enable code execution, file deletion, and sensitive data retrieval. Attack vector requires low privilege (PR:L) authentication with network accessibility and no user interaction. No public exploit identified at time of analysis.
Deserialization of untrusted data in WP Maps WordPress plugin versions up to 4.8.6 allows high-privileged authenticated users to inject and instantiate arbitrary PHP objects, potentially leading to code execution or privilege escalation. While the CVSS score of 6.5 reflects high confidentiality and integrity impact, the requirement for administrator-level privileges (PR:H) and user interaction (UI:R) significantly constrains real-world exploitability. EPSS score of 0.04% indicates minimal observed exploitation likelihood despite the vulnerability's technical severity.
A critical remote code execution vulnerability exists in CSLA .NET framework versions 5.5.4 and below due to insecure deserialization when using WcfProxy with the obsolete NetDataContractSerializer. This vulnerability allows unauthenticated remote attackers to execute arbitrary code on affected systems without user interaction, potentially leading to complete system compromise. While no active exploitation has been reported in CISA KEV and no public POC is mentioned, the vulnerability's network-exposed nature and low attack complexity make it a high-priority security concern.
A serialization bug in matrix-sdk-base allows remote attackers to cause denial-of-service by sending rooms with custom m.room.join_rules values, which stalls the sync process and prevents all room processing. The vulnerability affects matrix-sdk-base versions 0.14.1 and prior and has a high availability impact (CVSS 7.5) with a patch available in version 0.16.0. With a low EPSS score of 0.06% and no KEV listing, this represents a moderate real-world risk primarily concerning service availability rather than active exploitation.