295 matches found
CVE-2026-15535
A vulnerability was determined in AkariAsai self-rag up to 1fcdc420e48f50a7d7ab1ece5494221b93252e99. Affected by this issue is the function Indexer.deserializefrom of the file retrievallm/src/index.py of the component retrievallm. Executing a manipulation of the argument indexmeta.faiss can lead ...
EUVD-2026-43275
A vulnerability was detected in yzhao062 pyod 3.5.0/3.5.1/3.5.2. Affected is the function pyod.utils.persistence.load of the file pyod/utils/persistence.py. Performing a manipulation of the argument path results in deserialization. The attack can be initiated remotely. The pull request to fix thi...
CVE-2026-14637
A security vulnerability has been detected in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 13fd582aaf49aeab7438acc0fc3eb973a1f5e6a7. The affected element is the function getCartItems in the library application/libraries/ShoppingCart.php. The manipulation of the argument shoppingcart leads to...
CVE-2026-14637
CVE-2026-14637 affects kirilkirkov Ecommerce-CodeIgniter-Bootstrap, specifically the getCartItems function in application/libraries/ShoppingCart.php. Input manipulation of the shopping_cart parameter leads to deserialization, enabling remote exploitation as described. The patch identifier is 49b2...
CVE-2026-12787
A vulnerability was found in zhilink 智互联深圳科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. This affects an unknown part of the component testConnection Endpoint. The manipulation of the argument jdbcUrl results in deserialization. The attack may be performed from remote. The exploit has...
Seagull BarTender 代码问题漏洞
Seagull BarTender is an enterprise-level labeling, barcode, and RFID design and printing software developed by Seagull Corporation in the United States. Versions of Seagull BarTender 2010, 2016, and 2019 contained code vulnerabilities. These vulnerabilities stemmed from unvalidated and improperly...
PT-2026-44145
Name of the Vulnerable Software and Affected Versions symfony/monolog-bridge versions prior to 5.4.52 symfony/monolog-bridge versions prior to 6.4.40 symfony/monolog-bridge versions prior to 7.4.12 symfony/monolog-bridge versions prior to 8.0.12 symfony/symfony versions prior to 5.4.52...
CVE-2026-9497
A flaw has been found in changmingxie tcc-transaction up to 2.1.0. This issue affects the function Fastjson.parseObject of the component Fastjson AutoType REST API. This manipulation causes deserialization. It is possible to initiate the attack remotely. The vendor was contacted early about this...
CVE-2026-24163
NVIDIA TRT-LLM for any platform contains a vulnerability in RPC testing, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code execution, denial of service, data tampering, and information disclosure...
CVE-2026-8751
A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR Handler. Performing a manipulation results in deserialization. The attack is possible to be carried out remotely. The...
CVE-2026-8735
A vulnerability was identified in Oinone Pamirs up to 7.2.0. This affects the function JsonUtils.parseMap of the file PamirsParserConfig.java of the component appConfigQuery Interface. Such manipulation leads to deserialization. The attack can be launched remotely. The exploit is publicly availab...
CVE-2026-8751
A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR Handler. Performing a manipulation results in deserialization. The attack is possible to be carried out remotely. The...
CVE-2026-8751 h2oai h2o-3 JAR Model.java importBinaryModel deserialization
A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR Handler. Performing a manipulation results in deserialization. The attack is possible to be carried out remotely. The...
EUVD-2026-30697
A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR Handler. Performing a manipulation results in deserialization. The attack is possible to be carried out remotely. The...
CVE-2026-8751
A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR Handler. Performing a manipulation results in deserialization. The attack is possible to be carried out remotely. The...
CVE-2026-8751
Affected software: h2oai h2o-3 (versions before 7402). The issue lies in the JAR Handler component, specifically the importBinaryModel() function in h2o-core/src/main/java/hex/Model.java, where input manipulation can trigger deserialization. This enables remote exploitation, with the exploit publ...
CVE-2026-8751 h2oai h2o-3 JAR Model.java importBinaryModel deserialization
A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR Handler. Performing a manipulation results in deserialization. The attack is possible to be carried out remotely. The...
CVE-2026-8735 Oinone Pamirs appConfigQuery PamirsParserConfig.java JsonUtils.parseMap deserialization
A vulnerability was identified in Oinone Pamirs up to 7.2.0. This affects the function JsonUtils.parseMap of the file PamirsParserConfig.java of the component appConfigQuery Interface. Such manipulation leads to deserialization. The attack can be launched remotely. The exploit is publicly availab...
CVE-2026-8735
A vulnerability was identified in Oinone Pamirs up to 7.2.0. This affects the function JsonUtils.parseMap of the file PamirsParserConfig.java of the component appConfigQuery Interface. Such manipulation leads to deserialization. The attack can be launched remotely. The exploit is publicly availab...
PT-2026-41541
Name of the Vulnerable Software and Affected Versions h2oai h2o-3 versions prior to 7402 Description A flaw in the JAR Handler component allows remote attackers to trigger deserialization by manipulating the importBinaryModel function within the h2o-core/src/main/java/hex/Model.java file...