Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-502 (可信数据的反序列化) — Vulnerability Class 1668

1668 vulnerabilities classified as CWE-502 (可信数据的反序列化). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-24151 NVIDIA Megatron-LM 代码问题漏洞 — Megatron LM 7.8 High2026-03-24
CVE-2026-24150 NVIDIA Megatron-LM 代码问题漏洞 — Megatron LM 7.8 High2026-03-24
CVE-2025-33248 NVIDIA Megatron-LM 代码问题漏洞 — Megatron LM 7.8 High2026-03-24
CVE-2025-33247 NVIDIA Megatron LM 代码问题漏洞 — Megatron LM 7.8 High2026-03-24
CVE-2026-4735 A stack overflow and DoS vulnerability in DTStack/chunjun — chunjun 9.8 -2026-03-24
CVE-2026-4538 PyTorch pt2 Loading deserialization — PyTorch 5.3 Medium2026-03-22
CVE-2026-0677 WordPress TotalContest Lite plugin <= 2.9.1 - PHP Object Injection vulnerability — TotalContest Lite 9.8 -2026-03-20
CVE-2026-29109 SuiteCRM Authenticated Remote Code Execution via Unsafe Deserialization in SavedSearch Filter Processing — SuiteCRM-Core 7.2 -2026-03-19
CVE-2025-71260 BMC FootPrints ITSM 20.20.02 <= 20.24.01.001 VIEWSTATE Deserialization RCE — FootPrints 8.8 High2026-03-19
CVE-2026-25445 WordPress WishList Member X plugin <= 3.29.0 - PHP Object Injection vulnerability — WishList Member X 8.8 High2026-03-19
CVE-2025-60237 WordPress Finag theme <= 1.5.0 - PHP Object Injection vulnerability — Finag 9.8 Critical2026-03-19
CVE-2025-60233 WordPress Zuut theme <= 1.4.2 - PHP Object Injection vulnerability — Zuut 9.8 Critical2026-03-19
CVE-2026-27096 WordPress ColorFolio - Freelance Designer WordPress Theme theme <= 1.3 - Deserialization of untrusted data vulnerability — ColorFolio - Freelance Designer WordPress Theme 8.1 High2026-03-19
CVE-2026-25873 OmniGen2-RL Reward Server Unsafe Deserialization RCE — OmniGen2-RL 9.8 Critical2026-03-18
CVE-2026-25449 WordPress Traveler theme < 3.2.8.1 - PHP Object Injection vulnerability — Traveler 9.8 Critical2026-03-18
CVE-2026-25769 Wazuh Cluster vulnerable to Remote Code Execution via Insecure Deserialization — wazuh 9.1 Critical2026-03-17
CVE-2026-1323 Insecure Deserialization in extension "Mailqueue" (mailqueue) — Extension "Mailqueue" 8.8AIHighAI2026-03-17
CVE-2025-54920 Apache Spark: Spark History Server Code Execution Vulnerability — Apache Spark 8.8 -2026-03-14
CVE-2026-32355 WordPress JetEngine plugin < 3.8.4.1 - Deserialization of untrusted data vulnerability — JetEngine 9.8 -2026-03-13
CVE-2025-13913 Inductive Automation Ignition Software Deserialization of Untrusted Data — Ignition Software 6.3 Medium2026-03-12
CVE-2026-3967 Alfresco Activiti Process Variable Serialization System SerializableType.java createObjectInputStream deserialization — Activiti 6.3 Medium2026-03-12
CVE-2026-22248 GLPI affected by Remote Code Execution via malicious upload — glpi 8.1 High2026-03-11
CVE-2026-1286 Schneider Electric EcoStruxure Foxboro DCS 代码问题漏洞 — EcoStruxure™ Foxboro DCS 7.8AIHighAI2026-03-10
CVE-2026-26114 Microsoft SharePoint Server Remote Code Execution Vulnerability — Microsoft SharePoint Enterprise Server 2016 8.8 High2026-03-10
CVE-2026-25166 Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability — Windows ADK for Windows 10, version 2004 7.8 High2026-03-10
CVE-2025-11739 Schneider Electric EcoStruxure Power Monitoring Expert和Schneider Electric EcoStruxure Power Operation(Schneider Electric EPO) 代码问题漏洞 — EcoStruxure™ Power Monitoring Expert (PME) 7.8AIHighAI2026-03-10
CVE-2026-27685 Insecure Deserialization in SAP NetWeaver Enterprise Portal Administration — SAP NetWeaver Enterprise Portal Administration 9.1 Critical2026-03-10
CVE-2026-2020 JS Archive List <= 6.1.7 - Authenticated (Contributor+) PHP Object Injection via 'included' Shortcode Attribute — JS Archive List 7.5 High2026-03-07
CVE-2026-28277 LangGraph: Unsafe msgpack deserialization in LangGraph checkpoint loading — langgraph 6.8 Medium2026-03-05
CVE-2026-27749 Avira Internet Security System Speedup Insecure Deserialization — Avira Internet Security 7.8 High2026-03-05

Vulnerabilities classified as CWE-502 (可信数据的反序列化) represent 1668 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.