PT-2026-49755

Name of the Vulnerable Software and Affected Versions LangGraph SQLite Checkpoint versions prior to 4.1.1 Description The JsonPlusSerializer can reconstruct Python objects from JSON checkpoint payloads. If an unauthorized party modifies checkpoint bytes at rest in the backing store, the...

EUVD-2020-0604

Malware in sbrugna...

EUVD-2021-1967

Malware in sbrugna...

EUVD-2020-17949

Malware in sbrugna...

EUVD-2025-6954

Malicious code in bioql PyPI...

EUVD-2023-24153

Malicious code in bioql PyPI...

EUVD-2025-7825

Malicious code in bioql PyPI...

EUVD-2025-22772

Malicious code in bioql PyPI...

EUVD-2022-6726

Malicious code in bioql PyPI...

EUVD-2024-0286

Malicious code in bioql PyPI...

EUVD-2024-40866

Malicious code in bioql PyPI...

EUVD-2025-7194

Malicious code in bioql PyPI...

EUVD-2024-17619

Malicious code in bioql PyPI...

EUVD-2022-47296

Malicious code in bioql PyPI...

CVE-2025-8708

A vulnerability was found in Antabot White-Jotter 0.22. It has been declared as critical. This vulnerability affects the function CookieRememberMeManager of the file ShiroConfiguration.java of the component com.gm.wj.config.ShiroConfiguration. The manipulation with the input EVANNIGHTLYWAOU leads...

CVE-2025-54366 FreeScout's deserialization of untrusted data leads to Remote Code Execution

FreeScout is a lightweight free open source help desk and shared inbox built with PHP Laravel framework. In versions 1.8.185 and below, there is a critical deserialization vulnerability in the /conversation/ajax endpoint that allows authenticated users with knowledge of the APPKEY to achieve remo...

CVE-2025-42980 Insecure Deserialization in SAP NetWeaver Enterprise Portal Federated Portal Network

SAP NetWeaver Enterprise Portal Federated Portal Network is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system...

CVE-2022-44351

Skycaiji v2.5.1 was discovered to contain a deserialization vulnerability via /SkycaijiApp/admin/controller/Mystore.php...

CVE-2025-42999 Insecure Deserialization in SAP NetWeaver (Visual Composer development server)

SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system...

CVE-2025-42999

CVE-2025-42999 affects SAP NetWeaver Visual Composer Metadata Uploader. It is a deserialization vulnerability that can allow a privileged attacker to compromise confidentiality, integrity, and availability of the host system. Connected documents corroborate a broader context: CVE-2025-31324 (unre...