CVE-2026-8024 Deserialization vulnerability in ibaPDA and ibaDatCoordinator

A remote, unauthenticated attacker may exploit a deserialization of untrusted data vulnerability in ibaPDA or ibaDatCoordinator to gain full access to the affected systems...

EUVD-2026-37869

A remote, unauthenticated attacker may exploit a deserialization of untrusted data vulnerability in ibaPDA or ibaDatCoordinator to gain full access to the affected systems...

CVE-2026-12569 Remote Code Execution (RCE) vulnerability in Windchill PDMlink

A critical remote code execution RCE vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This advisory also applies to all CPS versions The identified vulnerability also impacts Windchill and...

EUVD-2026-37831

A critical remote code execution RCE vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This advisory also applies to all CPS versions The identified vulnerability also impacts Windchill and...

PT-2026-50658

Name of the Vulnerable Software and Affected Versions ibaPDA affected versions not specified ibaDatCoordinator affected versions not specified Description Remote, unauthenticated attackers can exploit a deserialization of untrusted data issue to achieve remote code execution, potentially gaining...

EUVD-2026-37670

Unauthenticated Deserialization of untrusted data in Slimstat Analytics 5.4.0 versions...

erb: ERB: Arbitrary code execution via deserialization bypass

A flaw was found in ERB, a templating system for Ruby. An attacker who can trigger deserialization of untrusted data in a Ruby application can bypass existing protections. This vulnerability allows for arbitrary code execution by exploiting specific public methods that evaluate template source...

CVE-2025-60231

Deserialization of Untrusted Data vulnerability in EMV The Hospital nrghospital allows Object Injection. This issue affects The Hospital: from n/a through 1.8.1...

CVE-2025-60230

Deserialization of Untrusted Data vulnerability in Themeton The Barber Shop allows Object Injection. This issue affects The Barber Shop: from n/a through 1.9...

CVE-2025-60236

Deserialization of Untrusted Data vulnerability in EMV Creatify allows Object Injection. This issue affects Creatify: from n/a through 1.5...

CVE-2025-60229

Deserialization of Untrusted Data vulnerability in Themeton Lagom allows Object Injection. This issue affects Lagom: from n/a through 2.0...

EUVD-2025-210246

Deserialization of Untrusted Data vulnerability in EMV Creatify allows Object Injection. This issue affects Creatify: from n/a through 1.5...

CVE-2025-60236 WordPress Creatify theme <= 1.5 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in EMV Creatify allows Object Injection. This issue affects Creatify: from n/a through 1.5...

EUVD-2025-210245

Deserialization of Untrusted Data vulnerability in EMV The Hospital nrghospital allows Object Injection. This issue affects The Hospital: from n/a through 1.8.1...

CVE-2026-27410

Unauthenticated Deserialization of untrusted data in Slimstat Analytics 5.4.0 versions...

EUVD-2025-210244

Deserialization of Untrusted Data vulnerability in Themeton The Barber Shop allows Object Injection. This issue affects The Barber Shop: from n/a through 1.9...

CVE-2025-60230 WordPress The Barber Shop theme <= 1.9 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Themeton The Barber Shop allows Object Injection. This issue affects The Barber Shop: from n/a through 1.9...

EUVD-2025-210243

Deserialization of Untrusted Data vulnerability in Themeton Lagom allows Object Injection. This issue affects Lagom: from n/a through 2.0...

CVE-2025-60229 WordPress Lagom theme <= 2.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Themeton Lagom allows Object Injection. This issue affects Lagom: from n/a through 2.0...

CVE-2026-27410

CVE-2026-27410 concerns WordPress Slimstat Analytics plugin prior to 5.4.0, with unauthenticated deserialization of untrusted data exposed by versions