CVE-2026-26208

ADB Explorer is a fluent UI for ADB on Windows. Prior to Beta 0.9.26020, ADB Explorer is vulnerable to Insecure Deserialization leading to Remote Code Execution. The application attempts to deserialize the App.txt settings file using Newtonsoft.Json with TypeNameHandling set to Objects. This allo...

SolarWinds Information Service (SWIS) .NET Deserialization From AMQP RCE

The SolarWinds Information Service SWIS is vulnerable to RCE by way of a crafted message received through the AMQP message queue. A malicious user that can authenticate to the AMQP service can publish such a crafted message whose body is a serialized .NET object which can lead to OS command...

. NET advanced code audit of the first six classes DataContractSerializer deserialization vulnerability-vulnerability warning-the black bar safety net

DataContractSerializer class is used for serialization and de-serialization in Windows Communication Foundation WCF message to send the data for the CLR data type is serialized into an XML stream, which is located in the namespace System. Runtime. Serialization, and inherits from the System...

. NET advanced code audit（second class） Json. Net deserialization vulnerability-vulnerability warning-the black bar safety net

Newtonsoft. Json, which is an open-source Json. Net library, the official address: https://www.newtonsoft.com/json a read and write Json, efficiency is very high. Net library, in the do develop the time, a lot of data exchange are based on the json format for transmission. While using Json, the...

DotNetNuke arbitrary code execution vulnerability(CVE-2017-9822)

0x00 background description DNN uses web cookies to identify users. A malicioususer can decode one of such cookies and identify who that user is, and possiblyimpersonate other users and even upload malicious code to the server. --DNNsecurity-center 2017 7 November 5, DNN security sector released ...