CWE-502
Medium likelihoodDeserialization of Untrusted Data
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
2,741 vulnerabilities with CWE-502
CVE-2026-25400
HIGH
WordPress Apicona theme <= 24.1.0 - PHP Object Injection vulnerability
CVSS 8.8
CVE-2026-25360
HIGH
WordPress Vex theme < 1.2.9 - PHP Object Injection vulnerability
CVSS 8.8
CVE-2026-25359
HIGH
WordPress Pendulum theme < 3.1.5 - PHP Object Injection vulnerability
CVSS 8.8
CVE-2026-25358
HIGH
WordPress Meloo theme < 2.8.2 - PHP Object Injection vulnerability
CVSS 8.8
CVE-2026-25032
CRITICAL
WordPress Ricky theme < 2.31 - PHP Object Injection vulnerability
CVSS 9.8
CVE-2026-25031
CRITICAL
WordPress Tasty Daily theme < 1.27 - PHP Object Injection vulnerability
CVSS 9.8
CVE-2026-25030
CRITICAL
WordPress Goldish theme < 3.47 - PHP Object Injection vulnerability
CVSS 9.8
CVE-2026-25029
CRITICAL
WordPress KIDZ theme <= 5.24 - PHP Object Injection vulnerability
CVSS 9.8
CVE-2026-24989
CRITICAL
WordPress SUMO Affiliates Pro plugin < 11.4.0 - PHP Object Injection vulnerability
CVSS 9.8
CVE-2026-24981
HIGH
WordPress Visionary Core plugin <= 1.4.9 - PHP Object Injection vulnerability
CVSS 8.8
CVE-2026-24978
HIGH
WordPress Jobica Core plugin <= 1.4.1 - PHP Object Injection vulnerability
CVSS 8.8
CVE-2026-24976
HIGH
WordPress Organici Library plugin <= 2.1.2 - PHP Object Injection vulnerability
CVSS 8.8
CVE-2026-24974
HIGH
WordPress CitiLights theme <= 3.7.1 - PHP Object Injection vulnerability
CVSS 8.8
CVE-2026-24378
CRITICAL
WordPress EventPrime plugin <= 4.2.8.0 - PHP Object Injection vulnerability
CVSS 9.8
CVE-2026-23971
HIGH
WordPress WoodMart theme <= 8.3.8 - PHP Object Injection vulnerability
CVSS 8.1
CVE-2026-22510
HIGH
WordPress Melody theme <= 1.6.3 - PHP Object Injection vulnerability
CVSS 8.1
CVE-2026-22507
CRITICAL
WordPress Beelove theme <= 1.2.6 - PHP Object Injection vulnerability
CVSS 9.8
CVE-2026-22505
HIGH
WordPress Morning Records theme <= 1.2 - PHP Object Injection vulnerability
CVSS 8.1
CVE-2026-22500
CRITICAL
WordPress m2 | Construction and Tools Store theme <= 1.1.2 - PHP Object Injection vulnerability
CVSS 9.8
CVE-2026-22480
HIGH
WordPress Product Feed for WooCommerce plugin <= 2.3.3 - PHP Object Injection vulnerability
CVSS 7.2
CVE-2026-24159
HIGH
NVIDIA NeMo Framework < 2.6.2 - Remote Code Execution via Untrusted Data Deserialization
CVSS 7.8
CVE-2026-24157
HIGH
NVIDIA NeMo Framework < 2.6.2 - Remote Code Execution via Checkpoint Loading
CVSS 7.8
CVE-2026-24152
HIGH
NVIDIA Megatron LM < 0.15.3 - Remote Code Execution via Checkpoint Loading
CVSS 7.8
CVE-2026-24151
HIGH
NVIDIA Megatron LM < 0.15.3 - Remote Code Execution via Malicious Input Deserialization
CVSS 7.8
CVE-2026-24150
HIGH
NVIDIA Megatron LM < 0.15.3 - Remote Code Execution via Checkpoint Loading
CVSS 7.8
Details
Vulnerabilities
2,741
Exploit Likelihood
Medium