Lucene search
+L

363 matches found

Cvelist
Cvelist
added 2026/07/10 7:13 a.m.33 views

CVE-2026-40008 Apache IoTDB: Arbitrary Class Instantiation via Pipe Transfer RPC

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Apache IoTDB. The pipe processor reads a fully qualified Java class name and instantiates it using Class.forName.newInstance without any validation or allowlisting. This issue affects Apache IoTDB:...

0.00332EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/10 7:13 a.m.7 views

CVE-2026-40008

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Apache IoTDB. The pipe processor reads a fully qualified Java class name and instantiates it using Class.forName.newInstance without any validation or allowlisting. This issue affects Apache IoTDB:...

9.8CVSS6.1AI score0.00332EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.13 views

PT-2026-54850

Name of the Vulnerable Software and Affected Versions mchange-commons-java versions prior to 0.6.0 Description The JNDI ObjectFactory implementation com.mchange.v2.naming.JavaBeanObjectFactory allows the construction of objects from arbitrary classes and the initialization of JavaBean-style...

7.1CVSS6AI score0.00327EPSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/26 9:8 p.m.10 views

Malicious code in db-plog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 961a6a108104105727b81399e6a3a6d56636cb79ae8fbfbbc33528f90d890d99 On every Model instantiation — the package's documented primary API — dist/index.js executes execSync'npm install db-connector-log --no-warnings...

6AI score
Exploits0References3
Snyk
Snyk
added 2026/06/24 3:18 p.m.5 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the Pipeline Snippet Generator process. An attacker can gain unauthorized access to instantiate types related to job or system configuration by submitting crafted input to the generator. Remediation Upgrade...

6.9CVSS5.8AI score0.00275EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.36 views

CVE-2026-57284

Jenkins Pipeline: Groovy Plugin 4331.v9d06ed4658ff and earlier does not restrict the types that can be instantiated through the Pipeline Snippet Generator, allowing attackers to instantiate types related to job or system configuration other than Pipeline steps...

0.00275EPSS
Exploits0References1
OSV
OSV
added 2026/06/23 9:21 p.m.4 views

GHSA-J3RV-43J4-C7QM jackson-databind has a PolymorphicTypeValidator bypass via generic type parameters that allows arbitrary class instantiation

jackson-databind's PolymorphicTypeValidator PTV is the primary safety mechanism guarding polymorphic deserialization. When polymorphic typing is enabled and a type identifier contains generic parameters i.e. the type ID string contains when only java.util.ArrayList is allow-listed. The container...

8.1CVSS6.2AI score0.00617EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/06/23 9:21 p.m.109 views

jackson-databind has a PolymorphicTypeValidator bypass via generic type parameters that allows arbitrary class instantiation

jackson-databind's PolymorphicTypeValidator PTV is the primary safety mechanism guarding polymorphic deserialization. When polymorphic typing is enabled and a type identifier contains generic parameters i.e. the type ID string contains when only java.util.ArrayList is allow-listed. The container...

8.1CVSS6.2AI score0.00617EPSS
Exploits1References4Affected Software2
OSV
OSV
added 2026/06/23 8:56 p.m.4 views

CVE-2026-54512 jackson-databind: PolymorphicTypeValidator bypass via generic type parameters allows arbitrary class instantiation

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.10.0 until 2.18.8, 2.21.4, and 3.1.4, jackson-databind's PolymorphicTypeValidator PTV is the primary safety mechanism guarding polymorphic deserialization. When polymorphic...

8.1CVSS6AI score0.00617EPSS
Exploits1References5
NVD
NVD
added 2026/06/09 5:16 a.m.13 views

CVE-2026-41855

In an untrusted JMS environment, org.springframework.jms.support.converter.MappingJackson2MessageConverter and org.springframework.jms.support.converter.JacksonJsonMessageConverter allow arbitrary class instantiation, which can lead to unauthorized actions via gadget class deserialization. Affect...

9.8CVSS0.00268EPSS
Exploits0References1
OSV
OSV
added 2026/06/09 5:16 a.m.8 views

UBUNTU-CVE-2026-41855

In an untrusted JMS environment, org.springframework.jms.support.converter.MappingJackson2MessageConverter and org.springframework.jms.support.converter.JacksonJsonMessageConverter allow arbitrary class instantiation, which can lead to unauthorized actions via gadget class deserialization. Affect...

9.8CVSS5.6AI score0.00268EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/09 3:51 a.m.11 views

CVE-2026-41855 Spring Framework Unsafe Deserialization via Jackson JMS Converters

In an untrusted JMS environment, org.springframework.jms.support.converter.MappingJackson2MessageConverter and org.springframework.jms.support.converter.JacksonJsonMessageConverter allow arbitrary class instantiation, which can lead to unauthorized actions via gadget class deserialization. Affect...

8.1CVSS5.6AI score0.00268EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

VMware Spring Framework 代码问题漏洞

VMware Spring Framework is an open-source Java and JavaEE application framework developed by VMware, Inc. This framework helps developers build high-quality applications. Versions of the VMware Spring Framework prior to 7.0.0, 6.2.0, 6.1.0, and 5.3.0 contain code vulnerabilities. These...

9.8CVSS5.7AI score0.00268EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.9 views

CVE-2026-42521

Jenkins Matrix Authorization Strategy Plugin 2.0-beta-1 through 3.2.9 both inclusive invokes parameterless constructors of classes specified in configuration when deserializing inheritance strategies, without restricting the classes that can be instantiated, allowing attackers with Item/Configure...

6.5CVSS5.6AI score0.00246EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.11 views

CVE-2026-34216

CtrlPanel is open-source billing software for hosting providers. In versions 1.1.1 and prior, the admin settings update endpoint accepted a fully qualified class name directly from user-supplied request input and used it for dynamic static method calls and object instantiation without any allowli...

6.6CVSS5.7AI score0.00532EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.10 views

Unity Linux 20.1060e / 20.1070e Security Update: rubygem-kramdown (UTSA-2026-016633)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016633 advisory. Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated. Tenable has extracted th...

9.8CVSS7.4AI score0.02805EPSS
Exploits1References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: serial: max310x: Fixed a NULL pointer dereferencing issue during I2C instantiation. When attempting to instantiate a max14830 device from userspace: echo max14830 0x60 /sys/bus/i2c/devices/i2c-2/newdevice we encounter the followi...

5.5CVSS5.2AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: keys: Fixed the issue where the expiration time of a key was overwritten during instantiation, causing it to become permanent. This issue causes problems with DNS resolution, as the expiration time set by user-space is overwritte...

9.8CVSS6.4AI score0.00747EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in ruby-kramdown

Before version 2.3.1, Kramdown did not restrict Rouge formatters to the Rouge::Formatters namespace, allowing arbitrary classes to be instantiated...

9.8CVSS8.4AI score0.02805EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/19 8:31 p.m.39 views

CVE-2026-34216 CtrlPanel: Authenticated Remote Code Execution via Dynamic Class Instantiation in SettingsController.php

CtrlPanel is open-source billing software for hosting providers. In versions 1.1.1 and prior, the admin settings update endpoint accepted a fully qualified class name directly from user-supplied request input and used it for dynamic static method calls and object instantiation without any allowli...

6.6CVSS0.00532EPSS
Exploits0References2
Rows per page
Query Builder