Falhas do tipo CWE-502
2.250 resultadosCVE-2026-25550CRITICALSeagull Software BarTender Unauthenticated RCE via .NET Remoting ServiceEPSS 0.7%CVE-2024-54136CRITICALUntrusted Deserialization in ClipBucket-v5 Version 5.5.1 Revision 199 and BelowEPSS 0.7%CVE-2023-49772CRITICALWordPress Genesis Simple Love Plugin <= 2.0 is vulnerable to PHP Object InjectionEPSS 0.7%CVE-2023-7018CRITICALDeserialization of Untrusted Data in huggingface/transformersEPSS 0.7%CVE-2023-49773CRITICALWordPress BCorp Shortcodes Plugin <= 0.23 is vulnerable to PHP Object InjectionEPSS 0.7%CVE-2025-45146CRITICALModelCache for LLM through v0.2.0 was discovered to contain an deserialization vulnerability via the component /manager/data_manager.py. ThiEPSS 0.7%CVE-2024-30224CRITICALWordPress WholesaleX plugin <= 1.3.2 - Unauthenticated PHP Object Injection vulnerabilityEPSS 0.7%CVE-2025-25940CRITICALVisiCut 2.1 allows code execution via Insecure XML Deserialization in the loadPlfFile method of VisicutModel.java.EPSS 0.7%CVE-2022-3291MEDIUMSerialization of sensitive data in GitLab EE affecting all versions from 14.9 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.EPSS 0.7%CVE-2025-32569CRITICALWordPress TableOn plugin <= 1.0.4.3 - PHP Object Injection vulnerabilityEPSS 0.7%CVE-2025-32568CRITICALWordPress EmpikPlace for Woocommerce Plugin <= 1.4.3 - PHP Object Injection vulnerabilityEPSS 0.7%CVE-2024-5726HIGHTimeline Event History <= 3.1 - Authenticated (Contributor+) PHP Object InjectionEPSS 0.7%CVE-2025-32607CRITICALWordPress WpBookingly plugin <= 1.3.0 - PHP Object Injection vulnerabilityEPSS 0.7%CVE-2024-53673HIGHA java deserialization vulnerability in HPE Remote Insight Support may allow an unauthenticated attacker to execute code.EPSS 0.7%CVE-2024-3431MEDIUMEyouCMS Backend deserializationEPSS 0.7%CVE-2025-42963CRITICALInsecure Deserialization in SAP NetWeaver Application Server for Java (Log Viewer )EPSS 0.7%CVE-2026-12046CRITICALpgAdmin 4: Unauthenticated pickle deserialization in SQL Editor close / update_connection routes enables remote code executionEPSS 0.7%CVE-2026-35171CRITICALArbitrary Code Execution via Malicious Logging Configuration in KedroEPSS 0.7%CVE-2024-0960MEDIUMflink-extended ai-flow workflow_command.py cloudpickle.loads deserializationEPSS 0.7%CVE-2024-0959MEDIUMStanfordVL GibsonEnv pposgd_fuse.py cloudpickle.load deserializationEPSS 0.7%