2 matches found
CVE-2026-27475
creationtimestamp| type| source ---|---|--- 2026-02-19 19:34:55+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfadn3dema2c 2026-02-24 21:20:10+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mfn3tvv3k42m...
CVE-2026-27475 SPIP < 4.4.9 Insecure Deserialization
SPIP before 4.4.9 allows Insecure Deserialization in the public area through the tablevaleur filter and the DATA iterator, which accept serialized data. An attacker who can place malicious serialized content a pre-condition requiring prior access or another vulnerability can trigger arbitrary...