81 matches found
CVE-2019-16891
Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload...
CVE-2025-64439 LangGraph Checkpoint affected by RCE in "json" mode of JsonPlusSerializer
LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. In versions 2.1.2 and below, the JsonPlusSerializer used as the default serialization protocol for all checkpointing contains a Remote Code Execution RCE...
CVE-2025-64439 LangGraph Checkpoint affected by RCE in "json" mode of JsonPlusSerializer
LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. In versions 2.1.2 and below, the JsonPlusSerializer used as the default serialization protocol for all checkpointing contains a Remote Code Execution RCE...
langgraph 代码问题漏洞
langgraph is a large modeling framework open-sourced by LangChain. A code issue vulnerability exists in langgraph version 2.1.2 and below, which stems from a remote code execution vulnerability in JsonPlusSerializer when deserializing payloads saved in json mode...
PT-2025-45384
Name of the Vulnerable Software and Affected Versions LangGraph versions 2.1.2 and below Description LangGraph’s SQLite Checkpoint, which utilizes SQLite databases for checkpoint saving, contains a Remote Code Execution RCE issue in the JsonPlusSerializer when deserializing payloads saved in "jso...
CVE-2025-50739
iib0011 omni-tools v0.4.0 is vulnerable to remote code execution via unsafe JSON deserialization...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS via the processing of malicious JSON payloads in the request handling process. An attacker can exhaust system memory and CPU resources by sending specially crafted JSON objects that, when deserialized, consume...
OpenBao 资源管理错误漏洞
OpenBao is OpenBao open source a sensitive data management software . OpenBao version 2.4.1 before the resource management error vulnerability , the vulnerability stems from the JSON object deserialization may occupy too much memory , an attacker can use this vulnerability to cause a denial of...
EUVD-2020-17950
Malware in sbrugna...
EUVD-2017-18359
Malware in sbrugna...
EUVD-2022-4645
Malicious code in bioql PyPI...
EUVD-2023-57520
Malicious code in bioql PyPI...
📄 Wazuh Server Remote Code Execution
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are serialized as JSON and...
CVE-2024-29032
Qiskit IBM Runtime is an environment that streamlines quantum computations and provides optimal implementations of the Qiskit quantum computing SDK. Starting in version 0.1.0 and prior to version 0.21.2, deserializing json data using qiskitibmruntime.RuntimeDecoder can lead to arbitrary code...
CVE-2023-27531
There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code...
CVE-2020-25260
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to execute arbitrary code because of unsafe JSON deserialization...
CVE-2024-37361
CVE-2024-37361 affects Hitachi Vantara Pentaho Business Analytics Server. The flaw is deserialization of untrusted JSON data caused by not constraining the parser to approved classes/methods, enabling potentially dangerous gadget chains during deserialization. Affected versions include before 10....
CVE-2023-27531
There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code...
CVE-2023-27531
There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code...
CVE-2023-27531
There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code...