Lucene search

251 matches found

NVD
added yesterday, 1 view

CVE-2026-47065

ZDRES-232: resolveProxyClass Not Overridden - acceptMatchers Filter Bypass via java.lang.reflect.Proxy. Assessment: Fully addressed. When the serialised stream contains a TC_PROXYCLASSDESC (the marker for a java.lang.reflect.Proxy), JDK’s ObjectInputStream.readProxyDesc is dispatched. JDK then calls...

9.8 CVSS, 0.00046 EPSS
Exploits: 0, References: 1
CVE
added 2026/05/12 12:00 a.m., 5 views

CVE-2026-31238

The Ludwig framework (up to 0.10.4) is vulnerable to insecure deserialization (CWE-502) in its model serving component. Starting a model server (ludwig serve) loads model weight files with torch.load() without enabling weights_only=True, allowing deserialization of arbitrary Python objects via pi...

9.8 CVSS, 6.3 AI score, 0.00088 EPSS
Exploits: 0, References: 2
OSV
added 2026/04/29 1:21 p.m., 3 views

JLSEC-2026-323

HDF5 Library through 1.14.3 has a heap buffer overflow in H5Spointdeserialize in H5Spoint.c...

5.7 CVSS, 8.6 AI score, 0.00076 EPSS
Exploits: 0, References: 2
OSV
added 2026/04/29 8:15 a.m., 1 view

OPENSUSE-SU-2026:20644-1 Security update for python-jwcrypto

This update for python-jwcrypto fixes the following issues: CVE-2026-39373: weak mitigation for JWT bomb attack in the deserialize function can lead to memory exhaustion via crafted compressed JWE tokens (bsc#1261802)...

5.3 CVSS, 5.8 AI score, 0.00105 EPSS
Exploits: 1, References: 2
OSV
added 2026/04/29 8:14 a.m., 1 view

SUSE-SU-2026:21425-1 Security update for python-jwcrypto

This update for python-jwcrypto fixes the following issues: CVE-2026-39373: weak mitigation for JWT bomb attack in the deserialize function can lead to memory exhaustion via crafted compressed JWE tokens (bsc#1261802)...

5.3 CVSS, 5.8 AI score, 0.00105 EPSS
Exploits: 1, References: 3
CNNVD
added 2026/04/23 12:00 a.m., 4 views

Pipecat code issue vulnerability

Pipecat is an open-source development framework developed by Pipecat that supports real-time audio and video stream processing as well as AI-powered dialogue interactions. Versions 0.0.41 to 0.0.93 of Pipecat contain code vulnerabilities. These vulnerabilities stem from the deserialize method of...

9.8 CVSS, 6.2 AI score, 0.00645 EPSS
Exploits: 1, References: 1
SUSE CVE
added 2026/04/02 11:26 p.m., 2 views

SUSE CVE-2026-34159

llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserialize_tensor skips all bounds validation when a tensor's buffer field is 0. An unauthenticated attacker can read and write arbitrary process memory via crafted GRAPH_COMPUTE messages. Combined...

9.8 CVSS, 6.4 AI score, 0.00534 EPSS
Exploits: 2, References: 3
EUVD
added 2026/04/01 6:36 p.m., 0 views

EUVD-2026-17958

An unauthenticated remote code execution (RCE) vulnerability exists in applications that use the Replicator node package manager (npm) version 1.0.5 to deserialize untrusted user input and execute the resulting object...

6.5 CVSS, 6.5 AI score, 0.00117 EPSS
Exploits: 0, References: 4
OSV
added 2026/04/01 6:16 p.m., 0 views

DEBIAN-CVE-2026-34159

llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserialize_tensor skips all bounds validation when a tensor's buffer field is 0. An unauthenticated attacker can read and write arbitrary process memory via crafted GRAPH_COMPUTE messages. Combined...

9.8 CVSS, 6.4 AI score, 0.00534 EPSS
Exploits: 2, References: 1
Debian CVE
added 2026/04/01 4:59 p.m., 1 view

CVE-2026-34159

llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserialize_tensor skips all bounds validation when a tensor's buffer field is 0. An unauthenticated attacker can read and write arbitrary process memory via crafted GRAPH_COMPUTE messages. Combined...

9.8 CVSS, 6.4 AI score, 0.00534 EPSS
Exploits: 2
CNNVD
added 2026/04/01 12:00 a.m., 2 views

llama.cpp buffer error vulnerability

Llama.cpp is a multimodal model developed by Georgi Gerganov. Versions of llama.cpp prior to b8492 contained a buffer error vulnerability. This vulnerability stemmed from the deserialize_tensor function in the RPC backend, which skipped all boundary verifications when the buffer field of the tensor w...

9.8 CVSS, 6.4 AI score, 0.00534 EPSS
Exploits: 2, References: 3
Positive Technologies
added 2026/04/01 12:00 a.m., 1 view

PT-2026-29570

Name of the Vulnerable Software and Affected Versions: llama.cpp versions prior to b8492. Description: A logic bug in the RPC backend's deserialize tensor function allows an unauthenticated attacker to read and write arbitrary process memory. This occurs because bounds validation is skipped when a...

9.8 CVSS, 6.3 AI score, 0.00534 EPSS
Exploits: 2, References: 24
Snyk
added 2026/03/02 9:43 p.m., 2 views

Prototype Pollution

Overview @orpc/client is a Affected versions of this package are vulnerable to Prototype Pollution via the deserialize function in StandardRPCJsonSerializer. An attacker can inject arbitrary properties into the global Object.prototype by sending specially crafted payloads containing dangerous...

10 CVSS, 6.3 AI score, 0.00871 EPSS
Exploits: 1, References: 2
Snyk
added 2026/02/28 2:04 a.m., 1 view

Allocation of Resources Without Limits or Throttling

Overview: @sveltejs/kit is a SvelteKit framework and CLI. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the deserializebinaryform function in the remote form handler. An attacker can exhaust application resources by sending crafted bina...

6.3 CVSS, 6 AI score
Exploits: 0, References: 2
Positive Technologies
added 2026/02/18 12:00 a.m., 4 views

PT-2026-20412

Name of the Vulnerable Software and Affected Versions: Rexroth IndraWorks UA.Testclient versions prior to 15V24. Description: A flaw exists in the UA.Testclient utility, included within Rexroth IndraWorks, allowing an attacker to execute arbitrary code on a user’s system. This is achieved by parsing...

7.8 CVSS, 6.2 AI score, 0.00183 EPSS
Exploits: 0, References: 4
CNNVD
added 2026/01/23 12:00 a.m., 2 views

MetaGPT code issues and vulnerabilities

MetaGPT is a multi-agent framework developed by MetaGPT Inc. There are code issues and vulnerabilities in MetaGPT; these vulnerabilities stem from the deserializemessage function’s lack of verification of the data provided by users, which may lead to the deserialization of untrusted data and remo...

9.8 CVSS, 7.6 AI score, 0.04157 EPSS
Exploits: 0, References: 1
Snyk
added 2026/01/15 6:10 p.m., 1 view

Memory Allocation with Excessive Size Value

Overview: @sveltejs/kit is a SvelteKit framework and CLI. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the deserializebinaryform function via Remote Form endpoint. An attacker can cause excessive memory allocation by sending a specially crafted...

8.2 CVSS, 6.9 AI score, 0.00023 EPSS
Exploits: 0, References: 2
OSV
added 2026/01/07 6:36 p.m., 1 view

GHSA-GW2X-Q739-QHCR RustFS gRPC GetMetrics deserialization panic enables remote DoS

Summary: A malformed gRPC GetMetrics request causes getmetrics to unwrap failed deserialization of metrictype/opts, panicking the handler thread and enabling remote denial of service of the metrics endpoint. Details: Vulnerable code: rustfs/src/storage/tonicservice.rs:1775-1782: - MetricType and...

6.9 CVSS, 6.8 AI score, 0.00799 EPSS
Exploits: 1, References: 4
CVE
added 2025/12/30 11:32 a.m., 4 views

CVE-2025-15246

Aizuda snail-job (macOS) up to version 1.7.0 is affected in the API component by FurySerializer.deserialize, where manipulating the argsStr enables deserialization leading to remote exploitation. The exploit has been publicly disclosed. Remediation: upgrade to a version newer than 1.7.0 (i.e., no...

6.5 CVSS, 6.4 AI score, 0.00077 EPSS
Exploits: 0, References: 4
Vulnrichment
added 2025/12/30 11:32 a.m., 2 views

CVE-2025-15246 aizuda snail-job API FurySerializer.deserialize deserialization

A vulnerability was determined in aizuda snail-job up to 1.7.0 on macOS. Affected by this vulnerability is the function FurySerializer.deserialize of the component API. This manipulation of the argument argsStr causes deserialization. Remote exploitation of the attack is possible. The exploit has...

6.5 CVSS, 6.4 AI score, 0.00077 EPSS
Exploits: 0, References: 4