CVE & Exploit Intelligence Database

CVE-2025-42966 9.1 CRITICAL EPSS 0.00

SAP NetWeaver XML Data Archiving Service allows an authenticated attacker with administrative privileges to exploit an insecure Java deserialization vulnerability by sending a specially crafted serialized Java object. This could lead to high impact on confidentiality, integrity, and availability of the application.

CWE-502 Jul 08, 2025

CVE-2025-42964 9.1 CRITICAL EPSS 0.00

SAP NetWeaver Enterprise Portal Administration is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system.

CWE-502 Jul 08, 2025

CVE-2025-42963 9.1 CRITICAL EPSS 0.00

A critical vulnerability in SAP NetWeaver Application server for Java Log Viewer enables authenticated administrator users to exploit unsafe Java object deserialization. Successful exploitation can lead to full operating system compromise, granting attackers complete control over the affected system. This results in a severe impact on the confidentiality, integrity, and availability of the application and host environment.

CWE-502 Jul 08, 2025

CVE-2025-6811 9.8 CRITICAL EPSS 0.01

Mescius ActiveReports.NET TypeResolutionService Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mescius ActiveReports.NET. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the TypeResolutionService class. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25397.

CWE-502 Jul 07, 2025

CVE-2025-6810 9.8 CRITICAL EPSS 0.01

Mescius ActiveReports.NET ReadValue Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mescius ActiveReports.NET. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the implementation of the ReadValue method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25246.

CWE-502 Jul 07, 2025

CVE-2025-7099 5.6 MEDIUM EPSS 0.00

A vulnerability has been found in BoyunCMS up to 1.21 on PHP7 and classified as critical. Affected by this vulnerability is an unknown functionality of the file install/install2.php of the component Installation Handler. The manipulation of the argument db_host leads to deserialization. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

CWE-502 Jul 07, 2025

CVE-2025-52828 8.8 HIGH EPSS 0.00

Deserialization of Untrusted Data vulnerability in designthemes Red Art allows Object Injection. This issue affects Red Art: from n/a through 3.7.

CWE-502 Jul 04, 2025

CVE-2025-49417 9.8 CRITICAL EPSS 0.00

Deserialization of Untrusted Data vulnerability in BestWpDeveloper WooCommerce Product Multi-Action allows Object Injection. This issue affects WooCommerce Product Multi-Action: from n/a through 1.3.

CWE-502 Jul 04, 2025

CVE-2025-43713 6.5 MEDIUM EPSS 0.00

ASNA Assist and ASNA Registrar before 2025-03-31 allow deserialization attacks against .NET remoting. These are Windows system services that support license key management and deprecated Windows network authentication. The services are implemented with .NET remoting and can be exploited via well-known deserialization techniques inherent in the technology. Because the services run with SYSTEM-level rights, exploits can be crafted to achieve escalation of privilege and arbitrary code execution. This affects DataGate for SQL Server 17.0.36.0 and 16.0.89.0, DataGate Component Suite 17.0.36.0 and 16.0.89.0, DataGate Monitor 17.0.26.0 and 16.0.65.0, DataGate WebPak 17.0.37.0 and 16.0.90.0, Monarch for .NET 11.4.50.0 and 10.0.62.0, Encore RPG 4.1.36.0, Visual RPG .NET FW 17.0.37.0 and 16.0.90.0, Visual RPG .NET FW Windows Deployment 17.0.36.0 and 16.0.89.0, WingsRPG 11.0.38.0 and 10.0.95.0, Mobile RPG 11.0.35.0 and 10.0.94.0, Monarch Framework for .NET FW 11.0.36.0 and 10.0.89.0, Browser Terminal 17.0.37.0 and 16.0.90.0, Visual RPG Classic 5.2.7.0 and 5.1.17.0, Visual RPG Deployment 5.2.7.0 and 5.1.17.0, and DataGate Studio 17.0.38.0 and 16.0.104.0.

CWE-502 Jul 03, 2025

CVE-2025-34067 EXPLOITED EPSS 0.03

An unauthenticated remote command execution vulnerability exists in the applyCT component of the Hikvision Integrated Security Management Platform due to the use of a vulnerable version of the Fastjson library. The endpoint /bic/ssoService/v1/applyCT deserializes untrusted user input, allowing an attacker to trigger Fastjson's auto-type feature to load arbitrary Java classes. By referencing a malicious class via an LDAP URL, an attacker can achieve remote code execution on the underlying system. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.

CWE-502 Jul 02, 2025

CVE-2024-13786 9.8 CRITICAL EPSS 0.01

The education theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.6.10 via deserialization of untrusted input in the 'themerex_callback_view_more_posts' function. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present.

CWE-502 Jul 02, 2025

CVE-2025-6464 7.5 HIGH EPSS 0.01

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.44.2 via deserialization of untrusted input in the 'entry_delete_upload_files' function. This makes it possible for unauthenticated attackers to inject a PHP Object through a PHAR file. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. Deserialization occurs when the form submission is deleted, whether by an Administrator or via auto-deletion determined by plugin settings.

CWE-502 Jul 02, 2025

CVE-2025-34060 EPSS 0.01

A PHP objection injection vulnerability exists in the Monero Project’s Laravel-based forum software due to unsafe handling of untrusted input in the /get/image/ endpoint. The application passes a user-supplied link parameter directly to file_get_contents() without validation. MIME type checks using PHP’s finfo can be bypassed via crafted stream filter chains that prepend spoofed headers, allowing access to internal Laravel configuration files. An attacker can extract the APP_KEY from config/app.php, forge encrypted cookies, and trigger unsafe unserialize() calls, leading to reliable remote code execution.

CWE-502 Jul 01, 2025

CVE-2025-53416 7.8 HIGH EPSS 0.01

Delta Electronics DTN Soft Project File Parsing Deserialization of Untrusted Data Remote Code Execution

CWE-502 Jun 30, 2025

CVE-2025-53415 7.8 HIGH EPSS 0.01

Delta Electronics DTM Soft Project File Parsing Deserialization of Untrusted Data Remote Code Execution

CWE-502 Jun 30, 2025

CVE-2025-53393 6.0 MEDIUM EPSS 0.00

In Akka through 2.10.6, akka-cluster-metrics uses Java serialization for cluster metrics.

CWE-502 Jun 28, 2025

CVE-2025-32897 9.8 CRITICAL 1 PoC Analysis EPSS 0.00

Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This security vulnerability is the same as CVE-2024-47552, but the version range described in the CVE-2024-47552 definition is too narrow. This issue affects Apache Seata (incubating): from 2.0.0 before 2.3.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue.

CWE-502 Jun 28, 2025

CVE-2025-52827 8.8 HIGH EPSS 0.00

Deserialization of Untrusted Data vulnerability in uxper Nuss allows Object Injection. This issue affects Nuss: from n/a through 1.3.3.

CWE-502 Jun 27, 2025

CVE-2025-52826 8.8 HIGH EPSS 0.00

Deserialization of Untrusted Data vulnerability in uxper Sala allows Object Injection. This issue affects Sala: from n/a through 1.1.3.

CWE-502 Jun 27, 2025

CVE-2025-52725 9.8 CRITICAL EPSS 0.00

Deserialization of Untrusted Data vulnerability in pebas CouponXxL allows Object Injection. This issue affects CouponXxL: from n/a through 3.0.0.

CWE-502 Jun 27, 2025