Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-12378 |
|
Vulnerability in wordpress (CVE-2026-12378)
vulnerability in wordpress (CVE-2026-12378). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43825 |
|
Unsafe Deserialization in apache (CVE-2026-43825)
vulnerability in apache (CVE-2026-43825). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46590 |
|
Unsafe Deserialization in apache (CVE-2026-46590)
vulnerability in apache (CVE-2026-46590). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43866 |
|
Unsafe Deserialization in apache (CVE-2026-43866)
vulnerability in apache (CVE-2026-43866). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43867 |
|
Unsafe Deserialization in apache (CVE-2026-43867)
vulnerability in apache (CVE-2026-43867). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40859 |
|
Unsafe Deserialization in apache (CVE-2026-40859)
vulnerability in apache (CVE-2026-40859). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43865 |
|
Unsafe Deserialization in csharp (CVE-2026-43865)
vulnerability in csharp (CVE-2026-43865). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42527 |
|
Unsafe Deserialization in csharp (CVE-2026-42527)
vulnerability in csharp (CVE-2026-42527). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14723 |
|
Vulnerability in deserialization (CVE-2026-14723)
vulnerability in deserialization (CVE-2026-14723). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14637 |
|
Vulnerability in deserialization (CVE-2026-14637)
vulnerability in deserialization (CVE-2026-14637). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14535 |
|
Vulnerability in deserialization (CVE-2026-14535)
vulnerability in deserialization (CVE-2026-14535). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71369 |
|
Unsafe Deserialization in deserialization (CVE-2025-71369)
vulnerability in deserialization (CVE-2025-71369). Confidential information can be exposed externally.
|
| CVE-2025-71362 |
|
Unsafe Deserialization in deserialization (CVE-2025-71362)
vulnerability in deserialization (CVE-2025-71362). Confidential information can be exposed externally.
|
| CVE-2025-71359 |
|
Unsafe Deserialization in deserialization (CVE-2025-71359)
vulnerability in deserialization (CVE-2025-71359). Confidential information can be exposed externally.
|
| CVE-2025-71347 |
|
Unsafe Deserialization in deserialization (CVE-2025-71347)
vulnerability in deserialization (CVE-2025-71347). Confidential information can be exposed externally.
|
| CVE-2025-71345 |
|
Unsafe Deserialization in deserialization (CVE-2025-71345)
vulnerability in deserialization (CVE-2025-71345). Confidential information can be exposed externally.
|
| CVE-2026-12481 |
|
Unsafe Deserialization in deserialization (CVE-2026-12481)
vulnerability in deserialization (CVE-2026-12481). Successful exploitation can lead to full system takeover. Exploitable via ``Lambda``.
|
| CVE-2026-13371 |
|
Unsafe Deserialization in deserialization (CVE-2026-13371)
vulnerability in deserialization (CVE-2026-13371). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56037 |
|
Unsafe Deserialization in deserialization (CVE-2026-56037)
vulnerability in deserialization (CVE-2026-56037). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55153 |
|
Vulnerability in deserialization (CVE-2026-55153)
vulnerability in deserialization (CVE-2026-55153). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14265 |
|
Unsafe Deserialization in Amazon aws (CVE-2026-14265)
vulnerability in Amazon aws (CVE-2026-14265). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58025 |
|
Code Injection in deserialization (CVE-2026-58025)
code injection in deserialization (CVE-2026-58025). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24249 |
|
Code Injection in deserialization (CVE-2026-24249)
code injection in deserialization (CVE-2026-24249). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24245 |
|
Unsafe Deserialization in deserialization (CVE-2026-24245)
vulnerability in deserialization (CVE-2026-24245). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24243 |
|
Unsafe Deserialization in deserialization (CVE-2026-24243)
vulnerability in deserialization (CVE-2026-24243). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24244 |
|
Unsafe Deserialization in deserialization (CVE-2026-24244)
vulnerability in deserialization (CVE-2026-24244). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24247 |
|
Unsafe Deserialization in deserialization (CVE-2026-24247)
vulnerability in deserialization (CVE-2026-24247). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24240 |
|
Unsafe Deserialization in deserialization (CVE-2026-24240)
vulnerability in deserialization (CVE-2026-24240). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57516 |
|
Unsafe Deserialization in deserialization (CVE-2026-57516)
vulnerability in deserialization (CVE-2026-57516). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10538 |
|
Unsafe Deserialization in deserialization (CVE-2026-10538)
vulnerability in deserialization (CVE-2026-10538). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71374 |
|
Unsafe Deserialization in deserialization (CVE-2025-71374)
vulnerability in deserialization (CVE-2025-71374). Confidential information can be exposed externally.
|
| CVE-2025-71363 |
|
Unsafe Deserialization in deserialization (CVE-2025-71363)
vulnerability in deserialization (CVE-2025-71363). Confidential information can be exposed externally.
|
| CVE-2025-71355 |
|
Vulnerability in deserialization (CVE-2025-71355)
vulnerability in deserialization (CVE-2025-71355). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55223 |
|
Unsafe Deserialization in apache (CVE-2026-55223)
vulnerability in apache (CVE-2026-55223). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13773 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-13773)
SSRF in ssrf (CVE-2026-13773). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46386 |
|
Unsafe Deserialization in rails (CVE-2026-46386)
vulnerability in rails (CVE-2026-46386). Successful exploitation can lead to full system takeover.
|
| CVE-2026-57527 |
|
Unsafe Deserialization in deserialization (CVE-2026-57527)
vulnerability in deserialization (CVE-2026-57527). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53914 |
|
Unsafe Deserialization in deserialization (CVE-2026-53914)
vulnerability in deserialization (CVE-2026-53914). Confidential information can be exposed externally.
|
| CVE-2026-12578 |
|
Unsafe Deserialization in cisa (CVE-2026-12578)
vulnerability in cisa (CVE-2026-12578). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10043 |
|
Unsafe Deserialization in deserialization (CVE-2026-10043)
vulnerability in deserialization (CVE-2026-10043). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56121 |
|
Unsafe Deserialization in deserialization (CVE-2026-56121)
vulnerability in deserialization (CVE-2026-56121). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54512 |
|
Vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54512)
vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54512). Successful exploitation can lead to full system takeover. Exploitable via ``PolymorphicTypeValidator``. Mitigation: upgrade to `2.21.4` or later.
|
| CVE-2026-54516 |
|
Vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54516)
vulnerability in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54516). Risk of unauthorized operations or information disclosure. Exploitable via ``MapperFeature.INFER_PROPERTY_MUTATORS``. Mitigation: upgrade to `3.1.4` or later.
|
| CVE-2026-54514 |
|
SSRF (Server-Side Request Forgery) in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54514)
SSRF in com.fasterxml.jackson.core:jackson-databind (CVE-2026-54514). Risk of unauthorized operations or information disclosure. Exploitable via ``JDKFromStringDeserializer``. Mitigation: upgrade to `3.1.4` or later.
|
| CVE-2026-48517 |
|
Vulnerability in MessagePack (CVE-2026-48517)
vulnerability in MessagePack (CVE-2026-48517). Data can be tampered with by attackers. Exploitable via ``MessagePackSerializer.Typeless``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-48513 |
|
Vulnerability in MessagePack (CVE-2026-48513)
vulnerability in MessagePack (CVE-2026-48513). Risk of unauthorized operations or information disclosure. Exploitable via ``DynamicUnionResolver``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-48512 |
|
Vulnerability in MessagePack (CVE-2026-48512)
vulnerability in MessagePack (CVE-2026-48512). Risk of unauthorized operations or information disclosure. Exploitable via ``MessagePackSerializer.ConvertFromJson``. Mitigation: upgrade to `3.1.7` or later.
|
| CVE-2026-46607 |
|
Unsafe Deserialization in glances (CVE-2026-46607)
vulnerability in glances (CVE-2026-46607). Successful exploitation can lead to full system takeover. Exploitable via ``self.cache_file``. Mitigation: upgrade to `4.5.5` or later.
|
| CVE-2026-12787 |
|
Vulnerability in deserialization (CVE-2026-12787)
vulnerability in deserialization (CVE-2026-12787). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56304 |
|
Unsafe Deserialization in dos (CVE-2026-56304)
vulnerability in dos (CVE-2026-56304). Risk of unauthorized operations or information disclosure.
|