Total
2675 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-45146 | 1 Codefuse | 1 Modelcache | 2025-10-17 | N/A | 9.8 CRITICAL |
| ModelCache for LLM through v0.2.0 was discovered to contain an deserialization vulnerability via the component /manager/data_manager.py. This vulnerability allows attackers to execute arbitrary code via supplying crafted data. | |||||
| CVE-2025-8963 | 1 Jeecg | 1 Jimureport | 2025-10-17 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was determined in jeecgboot JimuReport up to 2.1.1. Affected by this issue is some unknown functionality of the file /drag/onlDragDataSource/testConnection of the component Data Large Screen Template. The manipulation leads to deserialization. The attack may be launched remotely. The vendor response to the GitHub issue report is: "Modified, next version updated". | |||||
| CVE-2023-49886 | 1 Ibm | 1 Transformation Extender Advanced | 2025-10-16 | N/A | 9.8 CRITICAL |
| IBM Standards Processing Engine 10.0.1.10 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe java deserialization. By sending specially crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. | |||||
| CVE-2025-3413 | 1 Opplus | 1 Springboot-admin | 2025-10-16 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability has been found in opplus springboot-admin up to a2d5310f44fd46780a8686456cf2f9001ab8f024 and classified as critical. Affected by this vulnerability is the function code of the file SysGeneratorController.java. The manipulation of the argument Tables leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-9053 | 1 Vllm-project | 1 Vllm | 2025-10-15 | N/A | 9.8 CRITICAL |
| vllm-project vllm version 0.6.0 contains a vulnerability in the AsyncEngineRPCServer() RPC server entrypoints. The core functionality run_server_loop() calls the function _make_handler_coro(), which directly uses cloudpickle.loads() on received messages without any sanitization. This can result in remote code execution by deserializing malicious pickle data. | |||||
| CVE-2025-56816 | 1 Running-elephant | 1 Datart | 2025-10-10 | N/A | 8.8 HIGH |
| Datart 1.0.0-rc.3 is vulnerable to Directory Traversal. The configuration file handling of the application allows attackers to upload arbitrary YAML files to the config/jdbc-driver-ext.yml path. The application parses this file using SnakeYAML's unsafe load() or loadAs() method without input sanitization. This allows deserialization of attacker-controlled YAML content, leading to arbitrary class instantiation. Under certain conditions, this can be exploited to achieve remote code execution (RCE). | |||||
| CVE-2024-12687 | 1 Plextrac | 1 Plextrac | 2025-10-10 | N/A | 9.8 CRITICAL |
| Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows Object Injection and arbitrary file writes. This issue affects PlexTrac: from 1.61.3 before 2.8.1. | |||||
| CVE-2024-3568 | 1 Huggingface | 1 Transformers | 2025-10-10 | N/A | 9.6 CRITICAL |
| The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data within the `load_repo_checkpoint()` function of the `TFPreTrainedModel()` class. Attackers can execute arbitrary code and commands by crafting a malicious serialized payload, exploiting the use of `pickle.load()` on data from potentially untrusted sources. This vulnerability allows for remote code execution (RCE) by deceiving victims into loading a seemingly harmless checkpoint during a normal training process, thereby enabling attackers to execute arbitrary code on the targeted machine. | |||||
| CVE-2025-4260 | 1 Zhangyanbo2007 | 1 Youkefu | 2025-10-10 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability was found in zhangyanbo2007 youkefu up to 4.2.0 and classified as problematic. Affected by this issue is the function impsave of the file m\web\handler\admin\system\TemplateController.java. The manipulation of the argument dataFile leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-60828 | 1 5kcrm | 1 Wukongcrm | 2025-10-10 | N/A | 6.5 MEDIUM |
| WukongCRM-9.0-JAVA was discovered to contain a fastjson deserialization vulnerability via the /OaExamine/setOaExamine interface. | |||||
| CVE-2025-60830 | 1 Redragon-erp | 1 Redragon-erp | 2025-10-10 | N/A | 6.5 MEDIUM |
| redragon-erp v1.0 was discovered to contain a Shiro deserialization vulnerability caused by the default Shiro key. | |||||
| CVE-2025-60834 | 1 Ghostxbh | 1 Uzy-ssm-mall | 2025-10-10 | N/A | 6.5 MEDIUM |
| A fastjson deserialization vulnerability in uzy-ssm-mall v1.1.0 allows attackers to execute arbitrary code via supplying a crafted input. | |||||
| CVE-2025-9188 | 1 Ni | 1 Dasylab | 2025-10-09 | N/A | 7.8 HIGH |
| There is a deserialization of untrusted data vulnerability in Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab. | |||||
| CVE-2025-6544 | 1 H2o | 1 H2o | 2025-10-08 | N/A | 9.8 CRITICAL |
| A deserialization vulnerability exists in h2oai/h2o-3 versions <= 3.46.0.8, allowing attackers to read arbitrary system files and execute arbitrary code. The vulnerability arises from improper handling of JDBC connection parameters, which can be exploited by bypassing regular expression checks and using double URL encoding. This issue impacts all users of the affected versions. | |||||
| CVE-2025-5326 | 1 Zhilink | 1 Adp Application Developer Platform | 2025-10-03 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0 and classified as critical. Affected by this issue is some unknown functionality of the file /adpweb/wechat/verifyToken/. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-2043 | 1 Pb-cms Project | 1 Pb-cms | 2025-10-03 | 5.8 MEDIUM | 4.7 MEDIUM |
| A vulnerability was found in LinZhaoguan pb-cms 1.0.0 and classified as critical. This issue affects some unknown processing of the file /admin#themes of the component Add New Topic Handler. The manipulation of the argument Topic Key leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-59050 | 1 Getgreenshot | 1 Greenshot | 2025-10-02 | N/A | 8.4 HIGH |
| Greenshot is an open source Windows screenshot utility. Greenshot 1.3.300 and earlier deserializes attacker-controlled data received in a WM_COPYDATA message using BinaryFormatter.Deserialize without prior validation or authentication, allowing a local process at the same integrity level to trigger arbitrary code execution inside the Greenshot process. The vulnerable logic resides in a WinForms WndProc handler for WM_COPYDATA (message 74) that copies the supplied bytes into a MemoryStream and invokes BinaryFormatter.Deserialize, and only afterward checks whether the specified channel is authorized. Because the authorization check occurs after deserialization, any gadget chain embedded in the serialized payload executes regardless of channel membership. A local attacker who can send WM_COPYDATA to the Greenshot main window can achieve in-process code execution, which may aid evasion of application control policies by running payloads within the trusted, signed Greenshot.exe process. This issue is fixed in version 1.3.301. No known workarounds exist. | |||||
| CVE-2025-43489 | 1 Hp | 1 Poly Clariti Manager | 2025-10-02 | N/A | 5.2 MEDIUM |
| A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.1. The vulnerability could deserialize untrusted data without validation. HP has addressed the issue in the latest software update. | |||||
| CVE-2024-37285 | 1 Elastic | 1 Kibana | 2025-10-01 | N/A | 9.1 CRITICAL |
| A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious user to have a combination of both specific Elasticsearch indices privileges https://www.elastic.co/guide/en/elasticsearch/reference/current/defining-roles.html#roles-indices-priv and Kibana privileges https://www.elastic.co/guide/en/fleet/current/fleet-roles-and-privileges.html assigned to them. The following Elasticsearch indices permissions are required * write privilege on the system indices .kibana_ingest* * The allow_restricted_indices flag is set to true Any of the following Kibana privileges are additionally required * Under Fleet the All privilege is granted * Under Integration the Read or All privilege is granted * Access to the fleet-setup privilege is gained through the Fleet Server’s service account token | |||||
| CVE-2024-11839 | 1 Plextrac | 1 Plextrac | 2025-10-01 | N/A | 7.5 HIGH |
| Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows Object Injection and arbitrary file writes.This issue affects PlexTrac: from 1.61.3 before 2.8.1. | |||||