← back
CVE-2026-11463

USCiLab Cereal Shared Pointer type confusion

CVSS 6.3 MEDIUMEPSS 0.3%CWE-843
A vulnerability was determined in USCiLab Cereal up to 1.3.2. Affected is an unknown function of the component Shared Pointer Handler. Executing a manipulation can lead to type confusion. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure.
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Affected products
USCiLab · Cereal
public PoCs found1
cve_referencegist.github.com/TrebledJ/0223c1fa3c3fd64e2c7047b8a4385ec0unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://gist.github.com/TrebledJ/0223c1fa3c3fd64e2c7047b8a4385ec0https://github.com/USCiLab/cereal/https://github.com/USCiLab/cereal/issues/870https://vuldb.com/cve/CVE-2026-11463https://vuldb.com/submit/814456https://vuldb.com/vuln/369083https://vuldb.com/vuln/369083/cti