Lucene search
K

8 matches found

Chainguard
Chainguard
added 2026/05/07 1:17 a.m.16 views

CVE-2026-41409 vulnerabilities

Vulnerabilities for packages: apache-nifi, jenkins, apache-hop, apache-hop-fips...

9.8CVSS6.8AI score0.00451EPSS
Exploits0
OSV
OSV
added 2026/05/01 12:30 p.m.5 views

GHSA-995C-6RP3-4M4X Apache MINA vulnerable to Deserialization of Untrusted Data (CVE-2026-41409 Incomplete Fix)

The fix for CVE-2026-41409 was not applied to the 2.1.X and 2.2.X branches. Here was the original issue description: The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject was incomplete. The classname allowlist of classes allowed to be deserialized was applied too late after a stat...

9.8CVSS5.8AI score0.00657EPSS
Exploits0References5
Circl
Circl
added 2026/04/29 8:7 p.m.8 views

CVE-2026-41409

creationtimestamp| type| source ---|---|--- 2026-04-29 20:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mknvm7v3uf2w 2026-05-01 01:27:07+00:00| seen| https://bsky.app/profile/getpokemon7.bsky.social/post/3mkqxxdbwbc2e 2026-05-01 10:26:32+00:00| seen|...

9.8CVSS6.6AI score0.00451EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-41409

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject was incomplete. The classname allowlist of classes allowed to be deserialized was applied t...

10CVSS7.1AI score0.23932EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/04/27 12:30 p.m.9 views

com.github.niupengyu.schedule:ahead-schedule-distributed (>=1.2.6-RELEASE <=1.2.8-RELEASE), com.github.niupengyu:ahead-frame-socket (>=1.2.1-RELEASE <=1.2.3-RELEASE) +40 more potentially affected by CVE-2026-41409 via org.apache.mina:mina-core (>=2.1.0 <=2.1.10)

org.apache.mina:mina-core MAVEN version =2.1.0, =1.2.6-RELEASE, =1.2.1-RELEASE, =2.2.1, =2.2.1, =3.0.0, =1.0.0, =3.0.11, =3.6.7, =3.6.7, =3.6.7, =3.6.10 and more Source cves: CVE-2026-41409 Source advisory: OSV:GHSA-F2WH-GRMH-R6JM...

9.8CVSS5.8AI score0.00451EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/27 11:12 a.m.9 views

ai.h2o:sparkling-water-core_2.11 (>=3.46.0.1-1-2.3 <=3.46.0.6-1-2.4), ai.h2o:sparkling-water-core_2.12 (>=3.46.0.1-1-3.0 <=3.46.0.6-1-3.5) +762 more potentially affected by CVE-2024-52046 +1 more via org.apache.mina:mina-core (>=2.2.0 <=2.2.5)

org.apache.mina:mina-core MAVEN version =2.2.0, =3.46.0.1-1-2.3, =3.46.0.1-1-3.0, =3.46.0.1-1-2.3, =3.46.0.1-1-3.0, =3.46.0.1-1-2.3, =3.46.0.1-1-3.0, =3.46.0.1-1-2.3, =3.46.0.1-1-3.0, =1.5.4.RELEASE, =0.0.2, =3.0.0, =1.0.9, =1.6.9, =1.2.5, =1.1.7, =1.2.8 and more Source cves: CVE-2024-52046,...

10CVSS7.1AI score0.23932EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/27 11:12 a.m.11 views

com.github.niupengyu.schedule:ahead-schedule-distributed (>=1.2.6-RELEASE <=1.2.8-RELEASE), com.github.niupengyu:ahead-frame-socket (>=1.2.1-RELEASE <=1.2.3-RELEASE) +40 more potentially affected by CVE-2024-52046 +1 more via org.apache.mina:mina-core (>=2.1.0 <=2.1.10)

org.apache.mina:mina-core MAVEN version =2.1.0, =1.2.6-RELEASE, =1.2.1-RELEASE, =2.2.1, =2.2.1, =3.0.0, =1.0.0, =3.0.11, =3.6.7, =3.6.7, =3.6.7, =3.6.10 and more Source cves: CVE-2024-52046, CVE-2026-41409 Source advisory: SNYK:JAVA-ORGAPACHEMINA-16322973...

10CVSS7.1AI score0.23932EPSS
Exploits0
NVD
NVD
added 2026/04/27 10:16 a.m.7 views

CVE-2026-41409

The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject was incomplete. The classname allowlist of classes allowed to be deserialized was applied too late after a static initializer in a class to be read might already have been executed. Affected versions are Apache MINA 2.0.0 =...

9.8CVSS0.00451EPSS
Exploits0References1
Rows per page
Query Builder