Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-502 (可信数据的反序列化) — Vulnerability Class 1668

1668 vulnerabilities classified as CWE-502 (可信数据的反序列化). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-3422 e-Excellence|U-Office Force - Insecure Deserialization — U-Office Force 9.8 Critical2026-03-02
CVE-2026-2471 WP Mail Logging <= 1.15.0 - Unauthenticated PHP Object Injection via Email Log Message Field — WP Mail Logging 7.5 High2026-02-28
CVE-2026-27776 NTT DATA INTRAMART intra-mart Accel Platform 代码问题漏洞 — intra-mart Accel Platform 8.8 -2026-02-27
CVE-2026-3071 flair 安全漏洞 — Flair 8.4 High2026-02-26
CVE-2026-28138 WordPress uListing plugin <= 2.2.0 - PHP Object Injection vulnerability — uListing 9.8AICriticalAI2026-02-26
CVE-2026-27830 c3p0 vulnerable to Remote Code Execution via unsafe deserialization of userOverridesAsString property — c3p0 9.8AICriticalAI2026-02-26
CVE-2026-27794 LangGraph: BaseCache Deserialization of Untrusted Data may lead to Remote Code Execution — langgraph-checkpoint 6.6 Medium2026-02-25
CVE-2026-26222 DocLink .NET Remoting Unauthenticated Arbitrary File Read/Write RCE — Altec DocLink 9.1AICriticalAI2026-02-24
CVE-2026-25747 Apache Camel LevelDB: Deserialization of Untrusted Data in Camel LevelDB — Apache Camel LevelDB 8.8AIHighAI2026-02-23
CVE-2026-2970 datapizza-labs datapizza-ai cache.py RedisCache deserialization — datapizza-ai 4.6 Medium2026-02-23
CVE-2026-2898 funadmin Backend Endpoint AuthCloudService.php getMember deserialization — funadmin 5.5 Medium2026-02-22
CVE-2026-27206 Zumba Json Serializer has a potential PHP Object Injection via Unrestricted @type in unserialize() — json-serializer 8.1 High2026-02-21
CVE-2026-2036 GFI Archiver MArc.Store Deserialization of Untrusted Data Remote Code Execution Vulnerability — Archiver 8.8AIHighAI2026-02-20
CVE-2026-2037 GFI Archiver MArc.Core Deserialization of Untrusted Data Remote Code Execution Vulnerability — Archiver 8.8AIHighAI2026-02-20
CVE-2026-24892 openITCOCKPIT has Unsafe Deserialization in openITCOCKPIT Changelog Handling — openITCOCKPIT 7.5 High2026-02-20
CVE-2026-24891 openITCOCKPIT has Unsafe PHP Deserialization in Gearman Worker Allowing Conditional Object Injection — openITCOCKPIT 7.5 High2026-02-20
CVE-2026-22384 WordPress Applay - Shortcodes plugin <= 3.7 - PHP Object Injection vulnerability — Applay - Shortcodes 9.8 Critical2026-02-20
CVE-2026-22354 WordPress Woocommerce Category Banner Management plugin <= 2.5.1 - PHP Object Injection vulnerability — Woocommerce Category Banner Management 9.8AICriticalAI2026-02-20
CVE-2026-22345 WordPress Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery plugin <= 1.6.0 - PHP Object Injection vulnerability — Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery 9.8AICriticalAI2026-02-20
CVE-2026-22346 WordPress Slider Responsive Slideshow – Image slider, Gallery slideshow plugin <= 1.5.4 - PHP Object Injection vulnerability — Slider Responsive Slideshow – Image slider, Gallery slideshow 9.8AICriticalAI2026-02-20
CVE-2025-69404 WordPress Extreme Store theme <= 1.5.10 - PHP Object Injection vulnerability — Extreme Store 9.8AICriticalAI2026-02-20
CVE-2025-69405 WordPress Lorem Ipsum | Books & Media Store theme <= 1.2.11 - PHP Object Injection vulnerability — Lorem Ipsum | Books & Media Store 9.8AICriticalAI2026-02-20
CVE-2025-69382 WordPress Themesflat Elementor plugin <= 1.0.1 - PHP Object Injection vulnerability — Themesflat Elementor 8.8AIHighAI2026-02-20
CVE-2025-69372 WordPress SevenHills theme <= 1.6.2 - PHP Object Injection vulnerability — SevenHills 9.8AICriticalAI2026-02-20
CVE-2025-69371 WordPress KindlyCare theme <= 1.6.1 - PHP Object Injection vulnerability — KindlyCare 9.8AICriticalAI2026-02-20
CVE-2025-69370 WordPress Capella theme <= 2.5.5 - PHP Object Injection vulnerability — Capella 9.8AICriticalAI2026-02-20
CVE-2025-69328 WordPress Booking and Rental Manager plugin <= 2.5.9 - PHP Object Injection vulnerability — Booking and Rental Manager 9.8AICriticalAI2026-02-20
CVE-2025-69329 WordPress Prestige theme < 1.4.1 - PHP Object Injection vulnerability — Prestige 9.8AICriticalAI2026-02-20
CVE-2025-69301 WordPress PhotoMe theme <= 5.6.11 - PHP Object Injection vulnerability — PhotoMe 9.8AICriticalAI2026-02-20
CVE-2025-69294 WordPress PeakShops theme <= 1.5.9 - PHP Object Injection vulnerability — PeakShops 7.2AIHighAI2026-02-20

Vulnerabilities classified as CWE-502 (可信数据的反序列化) represent 1668 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.