Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 322— Search: 反序列化×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
Filter
Premium intel
CVSS 9.8
CVE-2023-3275: BentoML Runner Server Insecure Deserialization RCE
github.com · 2025-04-10

### Key Information #### Vulnerability Overview - **Vulnerability Type**: Insecure deserialization leading to Remote Code Execution (RCE) - **Affected Versions**: >=1.0, <1.4.8 - **Fixed Version**: 1.…

Read more
OPEN BizRobo! Vulnerability Advisory: RCE via XStream Deserialization and Hardcoded Keys
jvn.jp · 2025-04-12

### Critical Vulnerability Information #### Vulnerability Overview - **JVN ID**: JVN#30641875 - **Title**: Multiple Vulnerabilities in BizRobo! - **Release Date**: 2025/04/10 - **Update Date**: 2025/0…

Read more
Design Studio Java Deserialization RCE via License Server
knowledge.bizrobo.com · 2025-04-12

### Critical Vulnerability Information #### Title Arbitrary Code Execution on MC License Server via Java Deserialization in Design Studio License Authentication by Product User #### Affected Version -…

Read more
CVSS 6.2
Subnet Solutions PowerSYSTEM Center Out-of-Bounds Read & Deserialization Vulnerabilities (CVE-2025-3135)
www.cisa.gov · 2025-04-12

### Critical Vulnerability Information #### 1. Vulnerability Overview - **Release Date**: April 10, 2025 - **Alert ID**: ICSA-25-100-08 - **Relevant Topics**: Industrial Control System Vulnerabilities…

Read more
GHSL-2025-012/022: Command Injection and Deserialization Vulnerabilities Leading to RCE
securitylab.github.com · 2025-05-07

### Key Vulnerability Information #### Vulnerability IDs - GHSL-2025-012 - GHSL-2025-022 - CVE-2025-43842 - CVE-2025-43852 #### Vulnerability Types - Command Injection - Code Injection - Deserializati…

Read more
CVSS 7.0
Microsoft SharePoint Server Deserialization RCE Vulnerability (CVE-2025-30378)
msrc.microsoft.com · 2025-05-15

From this webpage screenshot, the following key information about the vulnerability can be obtained: - **Vulnerability Name**: Microsoft SharePoint Server Remote Code Execution Vulnerability - **CVE I…

Read more
Capco Symfony Unserialization Vulnerability Fix (allowed_classes=false)
github.com · 2025-05-15

From this webpage screenshot, the following key information about the vulnerability can be obtained: - **Submission Details**: - Submission ID: 812f2a7 - Submitters: TeaAlex and cap-collectif-github-b…

Read more
CVSS 5.3
Airiana Insecure Deserialization Vulnerability (RCE) via pickle.load()
github.com · 2025-05-17

### Critical Vulnerability Information #### Vulnerability Type - **Unsafe Deserialization**: Remote Code Execution (RCE) via `pickle.load()`. #### Vulnerability Description - The script loads data fro…

Read more
CVSS 5.3
Airiana Insecure Deserialization via pickle.load() Leading to RCE
github.com · 2025-05-17

### Key Information #### Vulnerability Description - **Vulnerability Type**: Insecure Deserialization - **Impact**: Remote Code Execution (RCE) via `pickle.load()` #### Vulnerability Cause - The scrip…

Read more
CVSS 5.3
basestation3 QC.py pickle Deserialization RCE Vulnerability Analysis
github.com · 2025-05-20

### Key Information Summary #### Vulnerability Description - **Issue**: In the `load_qc_pickl()` function of the `QC.py` file, Python's `pickle.load()` method is used to deserialize file data without …

Read more
CVSS 5.3
RCE via Unsafe Deserialization in basestation3 QC.py load_qc_pickl
github.com · 2025-05-20

### Key Information Summary #### Vulnerability Description - **Vulnerability Type**: Remote Code Execution (RCE) via unsafe deserialization - **Affected File**: QC.py - **Affected Function**: load_qc_…

Read more
CVSS 5.3
RCE via Unsafe Deserialization in basestation3 QC.py load_qc_pickl
github.com · 2025-05-20

### Key Information Summary #### Vulnerability Description - **Vulnerability Type**: Remote Code Execution (RCE) - **Cause**: Insecure deserialization via `pickle.load()` in the `load_qc_pickl()` func…

Read more
CVSS 5.3
pypickle pickle deserialization RCE vulnerability and fix
github.com · 2025-05-27

### Critical Vulnerability Information #### Vulnerability Description - **Issue**: The `load()` function in `pypickle.py` uses Python's `pickle.load()` to deserialize data from files, without validati…

Read more
CVSS 5.3
pypickle pickle deserialization RCE vulnerability and fix
github.com · 2025-05-27

### Critical Vulnerability Information #### Vulnerability Description - **Issue**: The `load()` function in `pypickle.py` uses Python's `pickle.load()` to deserialize data from files, without validati…

Read more
FreeScout Deserialization Vulnerability (CVE-2025-4800) Advisory
github.com · 2025-05-30

### Critical Vulnerability Information #### Vulnerability Overview - **Vulnerability Type**: Deserialization of Untrusted Data - **CVE ID**: CVE-2025-4800 - **CVSS v4.0 Base Metrics**: - **Severity**:…

Read more
CVSS 6.3
phpwcms FeedImport Module PHAR Deserialization Vulnerability Analysis
vuldb.com · 2025-06-04

From this webpage screenshot, the following key information about the vulnerability can be extracted: - **Title**: phpwcms 1.10.8 phar deserialization vulnerability - **Description**: - The phpwcms co…

Read more
Premium intel
CVSS 9.8
Trend Micro Endpoint Encryption Untrusted Data Deserialization RCE (CVE-2025-49212)
www.zerodayinitiative.com · 2025-07-06

### Critical Vulnerability Information - **Vulnerability Name**: Trend Micro Endpoint Encryption PolicyValueTableSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerabili…

Read more
Premium intel
CVSS 8.8
Trend Micro Endpoint Encryption Deserialization RCE Vulnerability (CVE-2025-49212)
www.zerodayinitiative.com · 2025-07-06

### Critical Vulnerability Information - **Vulnerability Name**: Trend Micro Endpoint Encryption DeserializeFromBase64String Deserialization of Untrusted Data Remote Code Execution Vulnerability - **Z…

Read more
Kaleris Navis N4 Deserialization RCE Vulnerability (CVE-2023-2923) Advisory
www.cisa.gov · 2025-07-06

### Critical Vulnerability Information #### 1. Vulnerability Overview - **CVE ID**: CVE-2023-2923 - **Severity**: High (enables remote attacks with low complexity) - **Vendor**: Kaleris - **Affected D…

Read more
Weaver OA CNVD-2021-01627 Pre-Auth Bypass & Deserialization Patch
service.seeyon.com · 2025-07-06

### Key Information #### Vulnerability Name Pre-Login Interface Privilege Escalation Patch (autoinstall) [CNVD-2021-01627] #### Release Date February 21, 2021 #### Issues Addressed 1. Pre-login method…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.