Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 302— Search: 反序列化×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
Boltz Insecure Deserialization RCE (CVE-2025-70560)
github.com · 2026-02-21

### Key Information - **Vulnerability Title** - Boltz contains an insecure deserialization vulnerability in its molecule loading functionality - **CVE ID** - CVE-2025-70560 - **GHSA ID** - GHSA-fjm6-8…

Read more
openITCOCKPIT 5.3.1 Unsafe PHP Deserialization in Gearman Worker (CVE-2026-24891)
github.com · 2026-02-21

### Critical Vulnerability Information #### Vulnerability Overview - **Vulnerability Name**: Unsafe PHP Deserialization in Gearman Worker Allows Conditional Object Injection - **Risk Level**: High - *…

Read more
CVE-2026-26215: manga-image-translator Unsafe Deserialization RCE
www.vulncheck.com · 2026-02-12

- **CVE ID:** CVE-2026-26215 - **Exploit Type:** Shared API Unsafe Deserialization RCE - **Affected Software:** manga-image-translator <= beta-0.3 - **Severity:** Critical - **CVSS v4 Vector:** CVSS:4…

Read more
Custom Registration Form Builder: Potential Deserialization and RCE in PayPal Service
plugins.trac.wordpress.org · 2026-02-21

- **Plugin Name**: Custom Registration Form Builder with Submission Manager - **File Path**: `/custom-registration-form-builder-with-submission-manager/tags/6.0.6.7/services/class_rm_paypal_service.ph…

Read more
NVIDIA NeMo Framework CVE-2025-33253 Deserialization Vulnerability
nvd.nist.gov · 2026-02-21

### Key Information #### Description - **CVE ID:** CVE-2025-33253 - **Description:** The NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincin…

Read more
CVE-2026-26220: Unauthenticated RCE via Pickle Deserialization in LightLLM
github.com · 2026-02-21

# CVE-2026-26220: Unauthenticated RCE via Pickle Deserialization in PD WebSocket Endpoints ## Summary - **CVE**: CVE-2026-26220 - **CVSS 4.0**: 9.3 Critical (AV:N/AC:L/AT:N/PR:N/UI:N/N:VC:H/VI:H/VA:H/…

Read more
NVIDIA NeMo Framework Deserialization RCE (CVE-2025-33252)
www.cve.org · 2026-02-21

- **CVE ID**: CVE-2025-33252 - **CNA**: NVIDIA Corporation - **Published Date**: 2026-02-18 - **Updated Date**: 2026-02-18 - **Description**: NVIDIA NeMo Framework contains a vulnerability where an at…

Read more
NVIDIA NeMo Framework Deserialization Vulnerability (CVE-2025-33243)
www.cve.org · 2026-02-21

### Critical Vulnerability Information - **CVE Identifier:** CVE-2025-33243 - **Published Date:** 2026-02-18 - **Updated Date:** 2026-02-18 - **Vendor:** NVIDIA - **Product:** NeMo Framework - **Affec…

Read more
zyddnys/manga-image-translator Unsafe Pickle Deserialization RCE
github.com · 2026-02-12

### Key Information #### Vulnerability Description - **Type**: RCE (Remote Code Execution) due to insecure Pickle deserialization - **Affected Project**: zyddnys/manga-image-translator - **Affected En…

Read more
Infoblox NIOS High-Severity Vulnerabilities: Arbitrary File Write (CVE-2025-61879) and Insecure Deserialization RCE (CVE
support.infoblox.com · 2026-02-13

- **Vulnerability Details** - **CVEs:** CVE-2025-61879, CVE-2025-61880 - **Affected Versions:** - NIOS - Version 8.5.2 - NIOS - Version 8.6.x - NIOS - Version 9.0.1, 9.0.2, 9.0.3, 9.0.4, 9.0.5, 9.0.6 …

Read more
mylittleforum Phar Deserialization Arbitrary File Deletion (CVE-2026-25923)
github.com · 2026-02-10

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **Vulnerability Overview**: - **Vulnerability Title**: Phar Deserialization leading to Arbitrary File Dele…

Read more
CVE-2026-2113: tpadmin WebUploader Deserialization Vulnerability
vuldb.com · 2026-02-08

## Vulnerability Key Information - **Vulnerability Identifier:** - VDB-344688 - CVE-2026-2113 - GCVE-100-344688 - **Vulnerability Summary:** - A critical vulnerability has been discovered in yuan1994 …

Read more
PowerDocu.Common Insecure Deserialization RCE Vulnerability
github.com · 2026-02-10

## Key Information ### Vulnerability Description - **Type:** Remote Code Execution (RCE) via unsafe deserialization - **Affected Package:** PowerDocu.Common (NuGet) - **Affected Versions:** (flowJSON,…

Read more
python-diskcache CVE-2025-69872 Unsafe Pickle Deserialization Advisory
github.com · 2026-02-12

```md ### Key Information #### CVE-2025-69872: DiskCache Unsafe Pickle Deserialization - **CVE ID**: CVE-2025-69872 - **Vendor**: python-diskcache project - **Product**: DiskCache (python-diskcache) -…

Read more
pdfminer.six CMap Loader Unsafe Deserialization via Pickle (CVE-2025-64512)
github.com · 2026-02-04

## Vulnerability Key Information ### Vulnerability Overview - **CVE ID**: CVE-2025-64512 - **CVSS v3 Score**: 8.3/10 - **Severity**: High ### Vulnerability Details - **Component**: pdfminer.six CMap l…

Read more
Jinja2 Java BeanELResolver Security Fix: Preventing Illegal Access and Code Injection
github.com · 2026-02-05

### Key Information: - **Code Change Report**: This commit modifies the file `Jinja2BeanELResolverTest.java` located under the `el/ext` module of the `Jinja2` template engine. - **Changes Made**: The …

Read more
bolo-solo v2.6.4 SnakeYAML Deserialization RCE in import/markdown
github.com · 2026-01-31

### Vulnerability Key Information #### Vulnerability Description In the stable version bolo-solo v2.6.4, there is a deserialization vulnerability in the "import/markdown" path, caused by unsafe YAML l…

Read more
PHPUnit CVE-2026-24765 Unsafe Deserialization in PHPT Cleanup
github.com · 2026-01-28

From the webpage screenshot, the following key vulnerability information can be obtained: ### Vulnerability Overview - **Vulnerability Type**: Insecure Deserialization (CWE-502) - **Affected Component…

Read more
Tendenci Unrestricted Deserialization Vulnerability (CVE-2020-14942) Advisory
github.com · 2026-01-27

### Critical Vulnerability Information - **Vulnerability ID**: CVE-2020-14942 - **CVSS Score**: 9.3/10 (Critical Severity) - **Affected Versions**: - Tendenci Repository Issue: - GitHub Security Advis…

Read more
GPT Academic CVE-2026-0764 Pre-Auth RCE via Untrusted Data Deserialization in Upload Endpoint
www.zerodayinitiative.com · 2026-01-27

### Key Information - **CVE ID**: CVE-2026-0764 - **CVSS Score**: 9.8, AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - **Affected Vendors**: GPT Academic - **Affected Products**: GPT Academic - **Vulnerability …

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.