Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-502

CWE-502

Medium likelihood

Deserialization of Untrusted Data

Parent: CWE-913 - Improper Control of Dynamically-Managed Code Resources

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

2,741 vulnerabilities with CWE-502

CVE-2026-3422 CRITICAL

U-Office Force < 29.50 - Unauthenticated Remote Code Execution via Insecure Deserialization

CVE-2026-2471 HIGH

WP Mail Logging <=1.15.0 - Deserialization

CVE-2026-1542 MEDIUM

Super Stage WP WordPress Plugin <1.0.1 - Deserialization

CVE-2026-21619 HIGH

hex_core < 0.12.1, hex < 2.3.2, rebar3 < 3.27.0 - Resource Consumption & Untrusted Data Deserialization

CVE-2026-27776 HIGH

intra-mart Accel Platform IM-LogicDesigner - Deserialization

CVE-2026-3071 HIGH

Flair 0.4.1-latest - Deserialization

CVE-2026-28138 HIGH

Stylemix uListing <= 2.2.0 - PHP Object Injection via Untrusted Data Deserialization

CVE-2026-27830 HIGH

c3p0 <0.12.0 - Deserialization

CVE-2026-27794 MEDIUM

LangGraph Checkpoint <4.0.0 - Deserialization

CVE-2026-26222 CRITICAL

Altec DocLink 4.0.336.0 - Deserialization

CVE-2026-21665 HIGH

Fiserv Originate Loans Peripherals 2021.2.4 - Deserialization

CVE-2026-25747 HIGH

Apache Camel LevelDB - Deserialization

CVE-2026-2970 MEDIUM

datapizza-ai 0.0.2 - Deserialization

CVE-2026-2898 MEDIUM

funadmin <7.1.0-rc4 - Deserialization

CVE-2026-27206 HIGH

Zumba Json Serializer <=3.2.2 - Deserialization

CVE-2026-2037 HIGH

GFI Archiver - Remote Code Execution via MArc.Core Remoting Deserialization

CVE-2026-2036 HIGH

GFI Archiver - Remote Code Execution via MArc.Store Deserialization

CVE-2026-24892 HIGH

openITCOCKPIT <=5.3.1 - Deserialization

CVE-2026-24891 HIGH

openITCOCKPIT <=5.3.1 - Deserialization

CVE-2026-22384 CRITICAL

Applay - Shortcodes <=3.7 - Deserialization

CVE-2026-22354 HIGH

Woocommerce Category Banner Management <=2.5.1 - Deserialization

CVE-2026-22346 HIGH

Slider Responsive Slideshow <=1.5.4 - Deserialization

CVE-2026-22345 HIGH

A WP Life Image Gallery <=1.6.0 - Deserialization

CVE-2026-27475 HIGH

SPIP 4.4.0-4.4.8 - Insecure Deserialization via table_valeur Filter and DATA Iterator

CVE-2026-25316 HIGH

CartFlows <=2.1.19 - Deserialization

Previous Page 13 of 110 Next

Details

Vulnerabilities 2,741

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy