CWE-502 (Deserialization of Untrusted Data) — Vulnerability Class 1676

1676 vulnerabilities classified as CWE-502 (Deserialization of Untrusted Data). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-33241 | NVIDIA Nemo Framework code issue vulnerability — NeMo Framework | 7.8 | High | 2026-02-18 |
| CVE-2026-26220 | LightLLM <= 1.1.0 PD Mode Unsafe Deserialization RCE — LightLLM | 9.8 (AI) | Critical (AI) | 2026-02-17 |
| CVE-2026-2555 | JeecgBoot Retrieval-Augmented Generation AiragKnowledgeController.java importDocumentFromZip deserialization — JeecgBoot | 5.0 | Medium | 2026-02-16 |
| CVE-2026-26208 | ADB Explorer Vulnerable to Remote Code Execution via Insecure Deserialization — ADB-Explorer | 7.8 | High | 2026-02-13 |
| CVE-2026-26221 | Hyland OnBase Timer Services Unauthenticated .NET Remoting RCE — OnBase Workflow Timer Service | 9.8 | Critical | 2026-02-13 |
| CVE-2026-26215 | manga-image-translator Shared API Unsafe Deserialization RCE — manga-image-translator | 9.8 (AI) | Critical (AI) | 2026-02-11 |
| CVE-2026-0910 | wpForo Forum <= 2.4.13 - Authenticated (Subscriber+) PHP Object Injection — wpForo Forum | 8.8 | High | 2026-02-11 |
| CVE-2026-21511 | Microsoft Outlook Spoofing Vulnerability — Microsoft 365 Apps for Enterprise | 7.5 | High | 2026-02-10 |
| CVE-2026-21531 | Azure SDK for Python Remote Code Execution Vulnerability — Azure AI Language Authoring | 9.8 | Critical | 2026-02-10 |
| CVE-2026-23685 | Insecure Deserialization vulnerability in SAP NetWeaver (JMS service) — SAP NetWeaver (JMS service) | 4.4 | Medium | 2026-02-10 |
| CVE-2026-25925 | PowerDocu Affected by Remote Code Execution via Insecure Deserialization — PowerDocu | 7.8 | High | 2026-02-09 |
| CVE-2026-2113 | yuan1994 tpadmin WebUploader preview.php deserialization — tpadmin | 7.3 | High | 2026-02-07 |
| CVE-2026-25632 | EPyT-Flow has unsafe JSON deserialization (`__type__`) — EPyT-Flow | 10.0 | Critical | 2026-02-06 |
| CVE-2020-37071 | CraftCMS 3 vCard Plugin 1.0.0 - Remote Code Execution — CraftCMS | 9.8 | Critical | 2026-02-03 |
| CVE-2026-25615 | Blesta code issue vulnerability — Blesta | 7.2 | High | 2026-02-03 |
| CVE-2026-25614 | Blesta code issue vulnerability — Blesta | 7.5 | High | 2026-02-03 |
| CVE-2026-24954 | WordPress WpEvently plugin <= 5.0.8 - Deserialization of untrusted data vulnerability — WpEvently | 8.8 | High | 2026-02-03 |
| CVE-2026-1691 | bolo-solo SnakeYAML BackupService.java importMarkdownsSync deserialization — bolo-solo | 6.3 | Medium | 2026-01-30 |
| CVE-2025-40553 | SolarWinds Web Help Desk Deserialization of Untrusted Data Remote Code Execution Vulnerability — Web Help Desk | 9.8 | Critical | 2026-01-28 |
| CVE-2025-40551 | SolarWinds Web Help Desk Deserialization of Untrusted Data Remote Code Execution Vulnerability — Web Help Desk | 9.8 | Critical | 2026-01-28 |
| CVE-2026-24765 | PHPUnit Vulnerable to Unsafe Deserialization in PHPT Code Coverage Handling — phpunit | 7.8 | High | 2026-01-27 |
| CVE-2026-24747 | PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files — pytorch | 8.8 | High | 2026-01-27 |
| CVE-2026-24656 | Apache Karaf: Decanter log-socket collector has deserialization vulnerability — Apache Karaf | 9.1 (AI) | Critical (AI) | 2026-01-26 |
| CVE-2025-15351 | Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability — VectorStar | 7.8 | - | 2026-01-23 |
| CVE-2025-15350 | Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability — VectorStar | 7.8 | - | 2026-01-23 |
| CVE-2025-15348 | Anritsu ShockLine CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability — ShockLine | 7.8 | - | 2026-01-23 |
| CVE-2026-0773 | Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability — Upsonic | 9.8 | - | 2026-01-23 |
| CVE-2026-0772 | Langflow Disk Cache Deserialization of Untrusted Data Remote Code Execution Vulnerability — Langflow | 8.8 | - | 2026-01-23 |
| CVE-2026-0764 | GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulnerability — GPT Academic | 9.8 | - | 2026-01-23 |
| CVE-2026-0763 | GPT Academic run_in_subprocess_wrapper_func Deserialization of Untrusted Data Remote Code Execution Vulnerability — GPT Academic | 9.8 | - | 2026-01-23 |

1676 CVEs are classified as CWE-502 (Deserialization of Untrusted Data). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.