Security Intel Hub 393— Search: 反序列化×

TCL 10.0 Insufficient Validation of Serialized Session Data Leading to Memory Safety Issues (CVE-2026-34877)

Based on the provided information, here is the vulnerability intelligence summary extracted and summarized in concise English Markdown format: **1. Vulnerability Overview** * **Title:** Risk of insuff…

Roundcube Redis/RedisCache Session Handler Unsafe Deserialization Arbitrary File Write Fix

### Vulnerability Summary **Vulnerability Overview** A security vulnerability related to unsafe deserialization has been fixed in the Redis/RedisCache session handler of Roundcube email client. The fl…

# Vulnerability Summary ## Overview **Vulnerability Name**: Apache ActiveMQ Remote Code Execution Vulnerability (CVE-2023-46604) **Vulnerability Type**: Remote Code Execution (RCE) **Description**: Th…

NASA cFS Ground System Deserialization RCE via Pickle

# NASA cFS 7.0.0 Code Execution Vulnerability Summary ### Vulnerability Overview * **Vulnerability Type**: Deserialization Vulnerability / Arbitrary Code Execution * **Affected Component**: NASA cFS G…

Modular Max: Fix RCE risk by removing default Pickle serialization in Zmq Sockets

### Key Information Summary #### Vulnerability Description This commit `ee9c4ab` primarily addresses serialization issues in Zmq Sockets, covering the following aspects: 1. **Removal of Default Pickle…

jsonpickle documentation

### jsonpickle Vulnerability Summary #### Vulnerability Overview The jsonpickle module contains security risks when processing data. This module allows users to serialize arbitrary Python objects into…

GPT-SoVITS Multiple Deserialization RCE Vulnerabilities (CVE-2025-49837 to 49841)

### Critical Vulnerability Information #### Vulnerability IDs - GHSL-2025-049 - GHSL-2025-053 #### Vulnerability Type - Remote Code Execution (RCE) #### Affected Component - GPT-SoVITS #### Related CV…

GitHub - jsonpickle/jsonpickle: Python library for serializing any arbitrary object graph into JSON. It can take almost

### jsonpickle Vulnerability Summary #### Overview jsonpickle is a library used to serialize Python objects into JSON format. However, this library contains a critical security vulnerability that allo…

From SQLi to RCE - Exploiting LangGraph’s Checkpointer - Check Point Research

### Vulnerability Overview LangGraph is an open-source framework for building multi-agent AI systems with built-in persistence. The LangGraph persistence layer (Checkpointer) contains two critical vul…

APScheduler JSONSerializer Deserialization RCE (CVE-2026-31072)

# APScheduler JSONSerializer Deserialization Remote Code Execution Vulnerability (CVE-2026-31072) ## Vulnerability Overview APScheduler's `JSONSerializer` (and `CBORSerializer`), although documented a…

systemd CVE-2018-15686: Serialization/Deserialization Vulnerability Fix Analysis

## Vulnerability Key Information - **CVE ID**: CVE-2018-15686 - **Vulnerability Description**: - This Pull Request (PR) introduced an alert indicating a comparison result is always the same, affecting…

MixPHP 2.x Deserialization RCE and SQL Injection (CVE-2026-37552, CVE-2026-42471 through 42475) · GitHub

# MixPHP Framework Deserialization RCE and SQL Injection Vulnerability Summary ## Vulnerability Overview The MixPHP framework contains multiple critical security vulnerabilities, including Remote Code…

Roundcube Fix Unsafe Deserialization Arbitrary File Write and INP Injection

### Vulnerability Overview This update addresses two critical security vulnerabilities: 1. **INP Injection and CRLF Bypass**: A vulnerability exists in the mail search functionality, allowing INP inje…

Apache ActiveMQ CVE-2023-46604 Remote Code Execution Vulnerability Analysis and Mitigation

# Vulnerability Summary ## Vulnerability Overview * **Vulnerability Name**: Apache ActiveMQ Remote Code Execution Vulnerability (CVE-2023-46604) * **Vulnerability Type**: Remote Code Execution (RCE) *…