Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-502 (可信数据的反序列化) — Vulnerability Class 1668

1668 vulnerabilities classified as CWE-502 (可信数据的反序列化). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-68853 WordPress Contact Manager plugin <= 9.1.1 - PHP Object Injection vulnerability — Contact Manager 8.8 High2026-02-20
CVE-2025-68541 WordPress Ippsum theme <= 1.2.0 - PHP Object Injection vulnerability — Ippsum 8.8AIHighAI2026-02-20
CVE-2025-68526 WordPress Modal Popup Box plugin <= 1.6.1 - PHP Object Injection vulnerability — Modal Popup Box 9.8AICriticalAI2026-02-20
CVE-2025-68531 WordPress ModelTheme Addons for WPBakery and Elementor plugin < 1.5.6 - PHP Object Injection vulnerability — ModelTheme Addons for WPBakery and Elementor 9.8AICriticalAI2026-02-20
CVE-2025-67997 WordPress Travelicious theme < 1.6.7 - PHP Object Injection vulnerability — Travelicious 9.8AICriticalAI2026-02-20
CVE-2025-67995 WordPress PatioTime theme < 2.1 - PHP Object Injection vulnerability — PatioTime 9.8AICriticalAI2026-02-20
CVE-2025-67996 WordPress Nestin theme < 1.2.6 - PHP Object Injection vulnerability — Nestin 9.8AICriticalAI2026-02-20
CVE-2026-25316 WordPress CartFlows plugin <= 2.1.19 - PHP Object Injection vulnerability — CartFlows 9.8AICriticalAI2026-02-19
CVE-2026-23549 WordPress WpEvently plugin <= 5.1.1 - PHP Object Injection vulnerability — WpEvently 9.8AICriticalAI2026-02-19
CVE-2026-23542 WordPress Grand Restaurant theme <= 7.0.10 - PHP Object Injection vulnerability — Grand Restaurant 8.8AIHighAI2026-02-19
CVE-2026-23544 WordPress Valenti theme <= 5.6.3.5 - PHP Object Injection vulnerability — Valenti 9.8AICriticalAI2026-02-19
CVE-2026-22333 WordPress YITH WooCommerce Compare plugin <= 3.6.0 - Deserialization of untrusted data vulnerability — YITH WooCommerce Compare 9.8AICriticalAI2026-02-19
CVE-2025-15579 An Insecure Deserialization vulnerability has been discovered in OpenText™ Directory Services. — Directory Services 8.8AIHighAI2026-02-18
CVE-2026-1426 Advanced AJAX Product Filters <= 3.1.9.6 - Authenticated (Author+) PHP Object Injection via Live Composer Compatibility — Advanced AJAX Product Filters 8.8 High2026-02-18
CVE-2025-60038 Bosch Rexroth IndraWorks 安全漏洞 — IndraWorks 7.8 High2026-02-18
CVE-2025-60037 Bosch Rexroth IndraWorks 安全漏洞 — IndraWorks 7.8 High2026-02-18
CVE-2025-60036 Bosch Rexroth IndraWorks 安全漏洞 — IndraWorks 7.8 High2026-02-18
CVE-2025-60035 Bosch Rexroth IndraWorks 安全漏洞 — IndraWorks 7.8 High2026-02-18
CVE-2025-33253 NVIDIA Nemo Framework 代码问题漏洞 — NeMo Framework 7.8 High2026-02-18
CVE-2025-33252 NVIDIA Nemo Framework 代码问题漏洞 — NeMo Framework 7.8 High2026-02-18
CVE-2025-33245 NVIDIA Nemo Framework 代码问题漏洞 — NeMo Framework 8.0 High2026-02-18
CVE-2025-33243 NVIDIA Nemo Framework 代码问题漏洞 — NeMo Framework 7.8 High2026-02-18
CVE-2025-33241 NVIDIA Nemo Framework 代码问题漏洞 — NeMo Framework 7.8 High2026-02-18
CVE-2026-26220 LightLLM <= 1.1.0 PD Mode Unsafe Deserialization RCE — LightLLM 9.8AICriticalAI2026-02-17
CVE-2026-2555 JeecgBoot Retrieval-Augmented Generation AiragKnowledgeController.java importDocumentFromZip deserialization — JeecgBoot 5.0 Medium2026-02-16
CVE-2026-26208 ADB Explorer Vulnerable to Remote Code Execution via Insecure Deserialization — ADB-Explorer 7.8 High2026-02-13
CVE-2026-26221 Hyland OnBase Timer Services Unauthenticated .NET Remoting RCE — OnBase Workflow Timer Service 9.8 Critical2026-02-13
CVE-2026-26215 manga-image-translator Shared API Unsafe Deserialization RCE — manga-image-translator 9.8AICriticalAI2026-02-11
CVE-2026-0910 wpForo Forum <= 2.4.13 - Authenticated (Subscriber+) PHP Object Injection — wpForo Forum 8.8 High2026-02-11
CVE-2026-21511 Microsoft Outlook Spoofing Vulnerability — Microsoft 365 Apps for Enterprise 7.5 High2026-02-10

Vulnerabilities classified as CWE-502 (可信数据的反序列化) represent 1668 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.