Security Intel Hub 322 — Search: deserialization

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVSS 6.3
Pickle Deserialization RCE in Robot Bridge Reasoning Server with PoC
github.com · 2025-09-26

### Key Information #### Vulnerability Type - **Remote Code Execution (RCE) Vulnerability** #### Affected Code - `experiments.robot.bridge.reasoning_server::run_reasoning_server` #### Vulnerability De…

CVSS 7.3
pmTicket Project-Management-Software Insecure Deserialization Authentication Bypass via Cookie
vuldb.com · 2025-09-29

### Critical Vulnerability Information - **Submission ID**: #657302 - **Title**: pmTicket Project-Management-Software (https://github.com/issue-tracking-system/Project-Management-Software) up to commi…

CVSS 7.3
Authentication Bypass via Insecure Deserialization in loadLanguage
drive.google.com · 2025-09-29

### Key Information #### Vulnerability Type - **Authentication Bypass via Insecure Deserialization (Critical)** #### Vulnerability Description - In the `loadLanguage` function of the `class.main.php` …

CVSS 9.8
Newforma Project Center .NET Unauthorized Deserialization (CVE-2025-35050)
www.cve.org · 2025-10-10

### Critical Vulnerability Information - **CVE ID**: CVE-2025-35050 - **Release Date**: 2025-10-09 - **Update Date**: 2025-10-09 - **Title**: Newforma Info Exchange (NIX) .NET Unauthorized Deserializa…

Kafka-UI v0.7.2 Unsafe Deserialization RCE via Malicious Serde Config
github.com · 2025-10-15

### Critical Vulnerability Information #### Vulnerability Description - **Type**: Unsafe deserialization via malicious Serde configuration (leading to RCE/DoS) - **Location**: Dashboard → "Configure N…

CVE-2018-1904: IBM WebSphere Application Server Deserialization RCE Vulnerability
www-01.ibm.com · 2025-11-07

- **CVE ID**: CVE-2018-1904 - **Description**: IBM WebSphere Application Server could allow remote attackers to execute arbitrary Java code through an administrative client class with a serialized obj…

CVE-2015-3253: Apache Groovy/Elasticsearch Deserialization RCE Vulnerability
www.zerodayinitiative.com · 2025-11-07

- **CVE ID**: CVE-2015-3253 - **CVSS Score**: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - **Affected Vendors**: - Apache - Elastic - **Affected Products**: - Groovy - Elasticsearch - **Vulnerability Details**: …

Mahara Skin Import Unserialize Vulnerability (CVE-2017-1000148)
bugs.launchpad.net · 2025-11-07

### Key Information #### Vulnerability Description - **Vulnerability Type**: Unserialize untrusted data when importing skins - **Affected Versions**: 1.10, 15.04, 15.10, master - **Platform**: Any pla…

Cacti Unsafe Deserialization Vulnerability (CVE-2019-17358) Advisory
people.canonical.com · 2025-11-07

### Key Information - **Vulnerability Identifier**: - CVE-2019-17358 - **Release Date**: - December 12, 2019 - **Last Updat…

NetApp jackson-databind Deserialization Vulnerability Advisory (CVE-2020-11619/11620)
security.netapp.com · 2025-11-07

### Vulnerability Key Information - **Advisory ID**: NTAP-20200511-0004 - **Version**: 14.0 - **Last Updated**: 12/02/2020 - **Status**: Final - **CVEs**: CVE-2020-11619, CVE-2020-11620 #### Summary -…

CVSS 8.1
Alibaba Fastjson Deserialization Bypass of autoType Limitation and Mitigation
github.com · 2025-11-08

## Critical Vulnerability Information ### 1. Risk Description Fastjson has adopted a whitelist/blacklist mechanism to defend against deserialization vulnerabilities. However, research has shown that u…

CVSS 7.4
SinGooCMS.Utility Deserialization Vulnerability (CVE-2022-0749)
snyk.io · 2025-11-08

# Vulnerability Information ## Vulnerability Name Deserialization of Untrusted Data ## Affected Scope - **Affected Package**: singooocms.utility - **Affected Versions**: [0, ] ## Vulnerability Details…

VINADES Joomla SQL Injection and Deserialization Fix
github.com · 2025-11-08

**Key Information Summary**: - **Commit Summary**: - Title: Security Fixes - Author: VINADES.JSC (authored and hoaquynhtim99 committed) - Commit Date: December 23, 2019 - **Affected Files**: - `detail…

RHSA-2015:2517: Red Hat Fuse Service Works fixes Commons Collections deserialization RCE (CVE-2015-7501)
rhn.redhat.com · 2025-11-09

- **Title**: RHSA-2015:2517 – Security Advisory - **Summary**: Critical: Red Hat Fuse Service Works 6.0.0 commons-collections Security Update - **Type/Severity**: Security Advisory: Critical - **Subje…

Red Hat JBoss BPM Suite Deserialization Vulnerability CVE-2018-8088 Security Update
access.redhat.com · 2025-11-09

### Key Information Summary - **Identifier**: RHSA-2018:2419 - **Security Severity**: Important - **Release Date**: 2018-08-15 - **Update Date**: 2018-08-15 #### Vulnerability Details - **Issue**: Red…

CVSS 9.8
CVE-2021-29476: Insecure Deserialization in rmcue/requests
github.com · 2025-11-09

## Vulnerability Key Information ### Vulnerability Name - **Insecure Deserialization of untrusted data** ### Severity - **Critical** - **CVSS v3 base metrics:** - Attack vector: Network - Attack compl…

OpenStack Swift Insecure Deserialization via Pickle (CVE-2012-4406) Fix
bugs.launchpad.net · 2025-11-09

### Key Information Summary **Bug ID:** 1006414 **Reported by:** Thierry Carrez **Reported on:** 2012-05-30 **Affected Project:** OpenStack Object Storage (swift) **Status:** Fix Released **Importance…

jackson-databind Multiple CVE Deserialization Vulnerabilities Fix Advisory
lists.debian.org · 2025-11-09

### Vulnerability Key Information - **Package**: jackson-databind - **Version**: 2.4.2-2+deb8u14 - **CVE IDs**: CVE-2020-10968, CVE-2020-10969, CVE-2020-11111, CVE-2020-11112, CVE-2020-11113, CVE-2020…

Milestone XProtect .NET Remoting Deserialization Vulnerability Hotfix Advisory
supportcommunity.milestonesys.com · 2025-11-10

### Vulnerability Key Information - **Vulnerability Name**: XProtect® VMS: .NET security vulnerability (hotfixes for 2016 R1 - 2018 R1) - **Vulnerability Description**: - **Affected Components**: Reco…

Jackson Databind CVE-2020-35490/35491 Deserialization Vulnerability Advisory
github.com · 2025-11-10

## Vulnerability Key Information - **Vulnerability Type**: CVE - **CVE IDs**: - CVE-2020-35490 - CVE-2020-35491 - **Affected Component**: - `org.apache.commons:commons-dbcp2` - **Reporter**: Al1ex@kno…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.