Vulnerability Description: A critical vulnerability in , affecting the function in . Data deserialization issue can occur with manipulated inputs. Exploitation Details: The exploit, shared publicly, requires local network access. The vulnerability is classified as CWE-502 (deserialization of untrusted data). It impacts confidentiality, integrity, and availability. Vendor Response: The vendor did not respond to early communication about the vulnerability. CVSS Score and CTI Interest: CVSS score is 6.1. CTI Interest Score is 3.4, showing moderate interest in the exploit market. Current Exploit Price: Estimated between $0-$5k, indicating potential value to attackers. CVE Identifier: CVE-2026-2970