Weaknesses of type CWE-502

2,276 results
CVE-2025-14925HIGHHugging Face Accelerate Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.3%CVE-2026-22248HIGHGLPI affected by Remote Code Execution via malicious uploadEPSS 0.3%CVE-2022-2465HIGHISaGRAF Workbench Deserialization of Untrusted Data CWE-502EPSS 0.3%CVE-2025-14922HIGHHugging Face Diffusers CogView4 Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.3%CVE-2025-14929HIGHHugging Face Transformers X-CLIP Checkpoint Conversion Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.3%CVE-2026-7597MEDIUMmem0ai mem0 faiss.py pickle.dump deserializationEPSS 0.3%CVE-2025-46183HIGHThe Utils.deserialize function in pgCodeKeeper 10.12.0 processes serialized data from untrusted sources. If an attacker provides a speciallyEPSS 0.3%CVE-2023-1145HIGH Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a deserialization vulnerability targeting the DeviEPSS 0.3%CVE-2025-60236CRITICALWordPress Creatify theme <= 1.5 - PHP Object Injection vulnerabilityEPSS 0.3%CVE-2024-37502MEDIUMWordPress Social Login plugin <= 2.6.3 - PHP Object Injection vulnerabilityEPSS 0.3%CVE-2025-60231CRITICALWordPress The Hospital theme <= 1.8.1 - PHP Object Injection vulnerabilityEPSS 0.3%CVE-2024-33641MEDIUMWordPress Custom field finder plugin <= 0.3 - PHP Object Injection vulnerabilityEPSS 0.3%CVE-2026-24165HIGHNVIDIA BioNeMo contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerabiEPSS 0.3%CVE-2026-2555LOWJeecgBoot Retrieval-Augmented Generation AiragKnowledgeController.java importDocumentFromZip deserializationEPSS 0.3%CVE-2021-4178A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly EPSS 0.3%CVE-2026-56037HIGHWordPress Themify Popup plugin <= 1.4.3 - PHP Object Injection vulnerabilityEPSS 0.3%CVE-2026-39554HIGHWordPress Fidalgo theme <= 1.2.2 - PHP Object Injection vulnerabilityEPSS 0.3%CVE-2026-40738HIGHWordPress Eldon theme <= 1.4.1 - PHP Object Injection vulnerabilityEPSS 0.3%CVE-2026-40752HIGHWordPress Manufaktur Solutions theme <= 1.1.1 - PHP Object Injection vulnerabilityEPSS 0.3%CVE-2026-39442HIGHWordPress PressMart theme <= 1.2.26 - PHP Object Injection vulnerabilityEPSS 0.3%