Vulnerability Key Information Vulnerability Identifier: - VDB-344688 - CVE-2026-2113 - GCVE-100-344688 Vulnerability Summary: - A critical vulnerability has been discovered in yuan1994 tpadmin up to version 1.3.12. This vulnerability affects unknown code in the library within the component. The vulnerability allows for deserialization via manipulation. It only impacts products that are no longer supported by the maintainer. The vulnerability is designated as . Remote attacks are possible, and a public exploit is available. CVSS Meta Temp Score: - 6.6 Current Exploit Price: - $0-$5k CTI Interest Score: - 0.92 Vulnerability Details: - A critical vulnerability was identified in up to version 1.3.12. The issue affects an unknown functionality in the library of the component. Manipulation using unknown input leads to a deserialization vulnerability, classified by CWE as . The product deserializes untrusted data without adequately verifying the validity of the resulting data, impacting confidentiality, integrity, and availability. - The advisory is available for download on . The vulnerability is tracked as . Exploitation is reported to be easy and can be performed remotely. No authentication is required to execute the attack. Technical details and a public exploit are known. - The exploit is shared for download on and is labeled as a proof-of-concept. Further information can be obtained by searching for public exploits.