Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-502 Clear
ID Title
CVE-2026-43633 Unsafe Deserialization in deserialization (CVE-2026-43633)
vulnerability in deserialization (CVE-2026-43633). Successful exploitation can lead to full system takeover.
CVE-2026-46725 Unsafe Deserialization in mmc/ceselector (CVE-2026-46725)
vulnerability in mmc/ceselector (CVE-2026-46725). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.0.3` or later.
CVE-2026-8727 Unsafe Deserialization in tomasnorre/crawler (CVE-2026-8727)
vulnerability in tomasnorre/crawler (CVE-2026-8727). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.13` or later.
CVE-2026-33233 Code Injection in deserialization (CVE-2026-33233)
code injection in deserialization (CVE-2026-33233). Successful exploitation can lead to full system takeover.
CVE-2026-26978 Unsafe Deserialization in CVE-2026-26978 (CVE-2026-26978)
vulnerability in CVE-2026-26978 (CVE-2026-26978). Risk of unauthorized operations or information disclosure.
CVE-2026-45829 Code Injection in chromadb (CVE-2026-45829)
code injection in chromadb (CVE-2026-45829). Successful exploitation can lead to full system takeover.
CVE-2026-7304 Unsafe Deserialization in sglang (CVE-2026-7304)
vulnerability in sglang (CVE-2026-7304). Successful exploitation can lead to full system takeover.
CVE-2026-7301 Unsafe Deserialization in sglang (CVE-2026-7301)
vulnerability in sglang (CVE-2026-7301). Successful exploitation can lead to full system takeover.
CVE-2026-8751 Vulnerability in deserialization (CVE-2026-8751)
vulnerability in deserialization (CVE-2026-8751). Risk of unauthorized operations or information disclosure.
CVE-2026-8735 Vulnerability in deserialization (CVE-2026-8735)
vulnerability in deserialization (CVE-2026-8735). Risk of unauthorized operations or information disclosure.
CVE-2021-47952 Code Injection in deserialization (CVE-2021-47952)
code injection in deserialization (CVE-2021-47952). Successful exploitation can lead to full system takeover.
CVE-2026-8612 Unsafe Deserialization in oalders (CVE-2026-8612)
vulnerability in oalders (CVE-2026-8612). Risk of unauthorized operations or information disclosure.
CVE-2026-44501 Unsafe Deserialization in react (CVE-2026-44501)
vulnerability in react (CVE-2026-44501). Risk of unauthorized operations or information disclosure. Exploitable via `GET /callback/oidc`. Mitigation: upgrade to `1.5.0.3` or later.
CVE-2026-1184 Unsafe Deserialization in gitlab (CVE-2026-1184)
vulnerability in gitlab (CVE-2026-1184). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-41957 Unsafe Deserialization in f5 (CVE-2026-41957)
vulnerability in f5 (CVE-2026-41957). Successful exploitation can lead to full system takeover.
CVE-2026-45134 Unsafe Deserialization in langsmith (CVE-2026-45134)
vulnerability in langsmith (CVE-2026-45134). Confidential information can be exposed externally. Exploitable via ``pull_prompt``. Mitigation: upgrade to `0.8.0` or later.
CVE-2026-7635 Unsafe Deserialization in wordpress (CVE-2026-7635)
vulnerability in wordpress (CVE-2026-7635). Successful exploitation can lead to full system takeover. Exploitable via `User-Agent header`.
CVE-2026-34659 Unsafe Deserialization in deserialization (CVE-2026-34659)
vulnerability in deserialization (CVE-2026-34659). Successful exploitation can lead to full system takeover.
CVE-2026-35439 Unsafe Deserialization in deserialization (CVE-2026-35439)
vulnerability in deserialization (CVE-2026-35439). Successful exploitation can lead to full system takeover.
CVE-2026-40368 Unsafe Deserialization in deserialization (CVE-2026-40368)
vulnerability in deserialization (CVE-2026-40368). Successful exploitation can lead to full system takeover.
CVE-2026-40357 Unsafe Deserialization in deserialization (CVE-2026-40357)
vulnerability in deserialization (CVE-2026-40357). Successful exploitation can lead to full system takeover.
CVE-2026-33110 Unsafe Deserialization in deserialization (CVE-2026-33110)
vulnerability in deserialization (CVE-2026-33110). Successful exploitation can lead to full system takeover.
CVE-2026-33112 Unsafe Deserialization in deserialization (CVE-2026-33112)
vulnerability in deserialization (CVE-2026-33112). Successful exploitation can lead to full system takeover.
CVE-2026-31237 Unsafe Deserialization in ludwig (CVE-2026-31237)
vulnerability in ludwig (CVE-2026-31237). Successful exploitation can lead to full system takeover.
CVE-2026-31238 Unsafe Deserialization in ludwig (CVE-2026-31238)
vulnerability in ludwig (CVE-2026-31238). Successful exploitation can lead to full system takeover.
CVE-2026-31235 Unsafe Deserialization in imgaug (CVE-2026-31235)
vulnerability in imgaug (CVE-2026-31235). Successful exploitation can lead to full system takeover.
CVE-2026-31239 Unsafe Deserialization in mamba-ssm (CVE-2026-31239)
vulnerability in mamba-ssm (CVE-2026-31239). Successful exploitation can lead to full system takeover.
CVE-2026-31229 Unsafe Deserialization in deserialization (CVE-2026-31229)
vulnerability in deserialization (CVE-2026-31229). Successful exploitation can lead to full system takeover.
CVE-2026-31234 Unsafe Deserialization in horovod (CVE-2026-31234)
vulnerability in horovod (CVE-2026-31234). Successful exploitation can lead to full system takeover.
CVE-2026-31232 Unsafe Deserialization in deserialization (CVE-2026-31232)
vulnerability in deserialization (CVE-2026-31232). Successful exploitation can lead to full system takeover.
CVE-2026-31221 Unsafe Deserialization in pytorch-lightning (CVE-2026-31221)
vulnerability in pytorch-lightning (CVE-2026-31221). Successful exploitation can lead to full system takeover.
CVE-2026-31222 Unsafe Deserialization in snorkel (CVE-2026-31222)
vulnerability in snorkel (CVE-2026-31222). Successful exploitation can lead to full system takeover.
CVE-2026-31223 Unsafe Deserialization in snorkel (CVE-2026-31223)
vulnerability in snorkel (CVE-2026-31223). Successful exploitation can lead to full system takeover.
CVE-2026-31224 Unsafe Deserialization in snorkel (CVE-2026-31224)
vulnerability in snorkel (CVE-2026-31224). Successful exploitation can lead to full system takeover.
CVE-2026-31214 Unsafe Deserialization in deserialization (CVE-2026-31214)
vulnerability in deserialization (CVE-2026-31214). Successful exploitation can lead to full system takeover.
CVE-2026-31218 Unsafe Deserialization in deserialization (CVE-2026-31218)
vulnerability in deserialization (CVE-2026-31218). Successful exploitation can lead to full system takeover.
CVE-2026-31219 Unsafe Deserialization in deserialization (CVE-2026-31219)
vulnerability in deserialization (CVE-2026-31219). Successful exploitation can lead to full system takeover.
CVE-2026-3048 Unsafe Deserialization in CVE-2026-3048 (CVE-2026-3048)
vulnerability in CVE-2026-3048 (CVE-2026-3048). Risk of unauthorized operations or information disclosure.
CVE-2026-31249 Unsafe Deserialization in deserialization (CVE-2026-31249)
vulnerability in deserialization (CVE-2026-31249). Risk of unauthorized operations or information disclosure.
CVE-2026-31250 Unsafe Deserialization in deserialization (CVE-2026-31250)
vulnerability in deserialization (CVE-2026-31250). Risk of unauthorized operations or information disclosure.
CVE-2026-31253 Code Injection in flash_attn (CVE-2026-31253)
code injection in flash_attn (CVE-2026-31253). Risk of unauthorized operations or information disclosure.
CVE-2026-7818 Unsafe Deserialization in pgadmin4 (CVE-2026-7818)
vulnerability in pgadmin4 (CVE-2026-7818). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.15` or later.
CVE-2026-44843 Unsafe Deserialization in langchain-core (CVE-2026-44843)
vulnerability in langchain-core (CVE-2026-44843). Confidential information can be exposed externally. Exploitable via ``RunnableWithMessageHistory``. Mitigation: upgrade to `0.3.85` or later.
CVE-2026-41486 Code Injection in ray (CVE-2026-41486)
code injection in ray (CVE-2026-41486). Successful exploitation can lead to full system takeover. Exploitable via ``ray.data.arrow_tensor``. Mitigation: upgrade to `2.55.0` or later.
CVE-2026-44126 Unsafe Deserialization in CVE-2026-44126 (CVE-2026-44126)
vulnerability in CVE-2026-44126 (CVE-2026-44126). Risk of unauthorized operations or information disclosure.
CVE-2026-5127 Unsafe Deserialization in wordpress (CVE-2026-5127)
vulnerability in wordpress (CVE-2026-5127). Successful exploitation can lead to full system takeover.
CVE-2025-69690 Unsafe Deserialization in deserialization (CVE-2025-69690)
vulnerability in deserialization (CVE-2025-69690). Successful exploitation can lead to full system takeover.
CVE-2025-69691 Vulnerability in pfsense (CVE-2025-69691)
vulnerability in pfsense (CVE-2025-69691). Successful exploitation can lead to full system takeover.
CVE-2024-53326 Unsafe Deserialization in deserialization (CVE-2024-53326)
vulnerability in deserialization (CVE-2024-53326). Successful exploitation can lead to full system takeover.
CVE-2022-21549 Unsafe Deserialization in java (CVE-2022-21549)
vulnerability in java (CVE-2022-21549). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `17.0.4` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →