CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added yesterday•4 views

ROOT-APP-MAVEN-CVE-2017-5929 CVE-2017-5929 in io.root.ch.qos.logback:logback-classic - Patched by Root

Root has patched CVE-2017-5929 in the io.root.ch.qos.logback:logback-classic package for Root:Maven. Multiple fixed versions available...

9.8CVSS7.3AI score0.10144EPSS

OSV•added yesterday•5 views

ROOT-APP-MAVEN-CVE-2024-12798 CVE-2024-12798 in io.root.ch.qos.logback:logback-core - Patched by Root

Root has patched CVE-2024-12798 in the io.root.ch.qos.logback:logback-core package for Root:Maven. Multiple fixed versions available...

5.5CVSS6.6AI score0.00169EPSS

OSV•added yesterday•6 views

ROOT-APP-MAVEN-CVE-2026-1225 CVE-2026-1225 in io.root.ch.qos.logback:logback-core - Patched by Root

Root has patched CVE-2026-1225 in the io.root.ch.qos.logback:logback-core package for Root:Maven. Multiple fixed versions available...

5CVSS5.8AI score0.00014EPSS

OSV•added yesterday•4 views

ROOT-APP-MAVEN-CVE-2025-11226 CVE-2025-11226 in io.root.ch.qos.logback:logback-core - Patched by Root

Root has patched CVE-2025-11226 in the io.root.ch.qos.logback:logback-core package for Root:Maven. Multiple fixed versions available...

6.4CVSS5.2AI score0.00067EPSS

RedhatCVE•added 3 days ago•5 views

CVE-2026-10532

A flaw was found in the logback-core component of QOS.CH Sarl logback. This deserialization of untrusted data vulnerability allows a remote attacker, by influencing serialized data sent to SimpleSocketServer or SimpleSSLSocketServer, to instantiate Proxy objects. Although heavily restricted by...

6.3CVSS5.6AI score0.00113EPSS

Exploits0References2

RedhatCVE•added 4 days ago•9 views

CVE-2026-9828

Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core HardenedObjectInputStream logback-core modules allows Object Injection albeit heavily restricted. More precisely, an attacker able to influence serialized data sent to SimpleSocketServer or SimpleSSLSocketServer c...

6.3CVSS6.3AI score0.00113EPSS

SUSE CVE•added 2026/06/02 1:44 a.m.•10 views

SUSE CVE-2026-10532

Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core HardenedObjectInputStream logback-core modules allows Object Injection, albeit heavily restricted. More precisely, an attacker able to influence serialized data sent to SimpleSocketServer or SimpleSSLSocketServer...

Tenable Nessus•added 2026/06/02 12:0 a.m.•13 views

Exploits0References3

Linux Distros Unpatched Vulnerability : CVE-2026-10532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core HardenedObjectInputStream logback-core modules allows Object Injection, albe...

6.3CVSS6.3AI score0.00113EPSS

Exploits0References3

OSV•added 2026/06/01 1:16 p.m.•7 views

DEBIAN-CVE-2026-10532

NVD•added 2026/06/01 1:16 p.m.•13 views

CVE-2026-10532

6.3CVSS0.00113EPSS

OSV•added 2026/06/01 1:16 p.m.•6 views

UBUNTU-CVE-2026-10532

EUVD•added 2026/06/01 11:30 a.m.•8 views

Exploits0References3

EUVD-2026-33632

Vulnrichment•added 2026/06/01 11:30 a.m.•8 views

CVE-2026-10532 Logback deserialization whitelist bypass for Proxy objects

Debian CVE•added 2026/06/01 11:30 a.m.•9 views

CVE-2026-10532

ATTACKERKB•added 2026/06/01 11:30 a.m.•9 views

CVE-2026-10532

Cvelist•added 2026/06/01 11:30 a.m.•30 views

Exploits0References2

CVE-2026-10532 Logback deserialization whitelist bypass for Proxy objects

6.3CVSS0.00113EPSS

CVE•added 2026/06/01 11:30 a.m.•45 views

CVE-2026-10532

The CVE-2026-10532 issue concerns deserialization of untrusted data in QOS.CH Sarl logback-logback-core’s HardenedObjectInputStream module, allowing Object Injection when serialized data is directed at SimpleSocketServer or SimpleSSLSocketServer to instantiate Proxy objects. The vulnerability is ...

Positive Technologies•added 2026/06/01 12:0 a.m.•14 views

PT-2026-45408