CWE-502
Medium likelihoodDeserialization of Untrusted Data
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
2,594 vulnerabilities with CWE-502
CVE-2026-21511
HIGH
Microsoft 365 Apps < 16.0.19127.20518 - Insecure Deserialization
CVSS 7.5
CVE-2026-23685
MEDIUM
SAP NetWeaver - Deserialization
CVSS 4.4
CVE-2026-25925
HIGH
PowerDocu <2.4.0 - Code Injection
CVSS 7.8
CVE-2026-25923
CRITICAL
my little forum <20260208.1 - Code Injection
CVSS 9.1
CVE-2026-2113
HIGH
yuan1994 tpadmin <1.3.12 - Deserialization
CVSS 7.3
CVE-2026-25632
CRITICAL
Pypi Epyt-flow < 0.16.1 - Insecure Deserialization
CVSS 10.0
CVE-2026-25615
HIGH
Phillipsdata Blesta < 5.13.3 - Insecure Deserialization
CVSS 7.2
CVE-2026-25614
HIGH
Phillipsdata Blesta < 5.13.2 - Insecure Deserialization
CVSS 7.5
CVE-2026-24954
HIGH
WpEvently <5.0.8 - Code Injection
CVSS 8.8
CVE-2026-1691
MEDIUM
Bolo-Solo <2.6.4 - Deserialization
CVSS 6.3
CVE-2026-24765
HIGH
Phpunit < 8.5.52 - Insecure Deserialization
CVSS 7.8
CVE-2026-24747
HIGH
Linuxfoundation Pytorch < 2.10.0 - Insecure Deserialization
CVSS 8.8
CVE-2026-24815
CRITICAL
datavane tis <4.3.0 - Deserialization
CVE-2026-23864
HIGH
React Server Components - DoS
CVSS 7.5
CVE-2026-24656
LOW
Apache Karaf Decanter - Deserialization
CVSS 3.7
CVE-2026-0773
CRITICAL
Upsonic - Deserialization
CVSS 9.8
CVE-2026-0772
HIGH
Langflow Disk Cache - Deserialization
CVSS 7.5
CVE-2026-0764
CRITICAL
GPT Academic - Deserialization
CVSS 9.8
CVE-2026-0763
CRITICAL
GPT Academic - Deserialization
CVSS 9.8
CVE-2026-0762
HIGH
GPT Academic - Deserialization
CVSS 8.1
CVE-2026-0760
CRITICAL
Foundation Agents MetaGPT - Deserialization
CVSS 9.8
CVE-2026-24009
HIGH
Docling Core <2.48.4 - RCE
CVSS 8.1
CVE-2026-23946
MEDIUM
Tendenci <15.3.11 - Authenticated RCE
CVSS 6.8
CVE-2026-23737
HIGH
Seroval <1.4.0 - RCE
CVSS 7.5
CVE-2026-23524
CRITICAL
Laravel Reverb <1.6.3 - RCE
CVSS 9.8
Details
Vulnerabilities
2,594
Exploit Likelihood
Medium