Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-502

CWE-502

Medium likelihood

Deserialization of Untrusted Data

Parent: CWE-913 - Improper Control of Dynamically-Managed Code Resources

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

2,594 vulnerabilities with CWE-502

CVE-2026-0726 HIGH

Nexter Extension - Site Enhancements Toolkit <4.4.6 - Code Injection

CVE-2026-0895 MEDIUM

Cpsit Typo3-mailqueue < 0.4.3 - Insecure Deserialization

CVE-2026-23746 CRITICAL

Entrust Instant Financial Issuance (IFI) On Premise <6.10.5-6.11.1 ...

CVE-2026-21226 HIGH

Azure Core < - Code Injection

CVE-2026-20963 CRITICAL KEV

Microsoft Office SharePoint - Code Injection

CVE-2026-0859 HIGH

Typo3 < 10.4.55 - Insecure Deserialization

CVE-2026-22612 HIGH

Trailofbits Fickling < 0.1.7 - Insecure Deserialization

CVE-2026-22609 HIGH

Fickling <0.1.7 - Code Injection

CVE-2026-22608 HIGH

Fickling <0.1.7 - RCE

CVE-2026-22607 HIGH

Fickling <0.1.6 - Code Injection

CVE-2026-22606 HIGH

Fickling <0.1.6 - Code Injection

CVE-2026-22187 HIGH

OME Pom-bio-formats - Insecure Deserialization

CVE-2025-60887 MEDIUM

Cista <=0.15 - Info Disclosure

CVE-2025-62233 MEDIUM

Apache DolphinScheduler: Deserialization of untrusted data in RPC

CVE-2025-62373 CRITICAL

Pipecat vulnerable to Remote Code Execution by Pickle Deserialization via LivekitFrameSerializer

CVE-2025-15610 CRITICAL

OpenText RightFax through 25.4 - Deserialization

CVE-2025-33248 HIGH

Nvidia Megatron LM - Information Disclosure

CVE-2025-33247 HIGH

Nvidia Megatron LM - Remote Code Execution

CVE-2025-33244 CRITICAL

Nvidia Apex - Denial of Service

CVE-2025-71260 HIGH

BMC FootPrints ITSM 20.20.02 <= 20.24.01.001 VIEWSTATE Deserialization RCE

CVE-2025-60237 CRITICAL

WordPress Finag theme <= 1.5.0 - PHP Object Injection vulnerability

CVE-2025-60233 CRITICAL

WordPress Zuut theme <= 1.4.2 - PHP Object Injection vulnerability

CVE-2025-54920 HIGH

Apache Spark <3.5.7/4.0.1 - Deserialization

CVE-2025-13913 MEDIUM

Inductive Automation Ignition - Info Disclosure

CVE-2025-56422 CRITICAL

LimeSurvey <6.15.0+250623 - Deserialization

Previous Page 10 of 104 Next

Details

Vulnerabilities 2,594

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy