Weaknesses of type CWE-502
2,276 resultsCVE-2025-20276LOWCisco Unified Contact Center Express Remote Code Execution VulnerabilityEPSS 0.4%CVE-2025-9121HIGHHitachi Vantara Pentaho Business Analytics Server - Deserialization of Untrusted DataEPSS 0.4%CVE-2025-60084HIGHWordPress PDF for Elementor Forms + Drag And Drop Template Builder plugin <= 6.5.0 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-24954HIGHWordPress WpEvently plugin <= 5.0.8 - Deserialization of untrusted data vulnerabilityEPSS 0.4%CVE-2024-32835MEDIUMWordPress Export and Import Users and Customers plugin <= 2.5.3 - Deserialization of untrusted data vulnerabilityEPSS 0.4%CVE-2025-8708LOWAntabot White-Jotter com.gm.wj.config.ShiroConfiguration ShiroConfiguration.java CookieRememberMeManager deserializationEPSS 0.4%CVE-2026-3199CRITICALNexus Repository 3 - Authenticated Remote Code Execution via Task Property InjectionEPSS 0.4%CVE-2026-39498HIGHWordPress YayMail plugin <= 4.3.3 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-24891HIGHopenITCOCKPIT has Unsafe PHP Deserialization in Gearman Worker Allowing Conditional Object InjectionEPSS 0.4%CVE-2025-12844HIGHAI Engine <= 3.1.8 - Authenticated (Subscriber+) PHP Object Injection via PHAR DeserializationEPSS 0.4%CVE-2026-22471HIGHWordPress Secudeal Payments for Ecommerce plugin <= 1.1 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-3622MEDIUMXorbits Inference model.py load deserializationEPSS 0.4%CVE-2024-39334MEDIUMMENDELSON AS4 before 2024 B376 has a client-side vulnerability when a trading partner provides prepared XML data. When a victim opens the deEPSS 0.4%CVE-2024-5998MEDIUMDeserialization of Untrusted Data in langchain-ai/langchainEPSS 0.4%CVE-2024-28964HIGHDell Common Event Enabler, version 8.9.10.0 and prior, contain an insecure deserialization vulnerability in CAVATools. A local unauthenticatEPSS 0.4%CVE-2025-0769MEDIUMPixelYourSite 10.1.1.1 - Insecure deserializationEPSS 0.4%CVE-2026-27379HIGHWordPress NextScripts plugin <= 4.4.7 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-64266HIGHWordPress Booking and Rental Manager plugin <= 2.5.4 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-60081HIGHWordPress PDF for Contact Form 7 plugin <= 6.5.0 - Deserialization of untrusted data vulnerabilityEPSS 0.4%CVE-2025-60082HIGHWordPress PDF for WPForms plugin <= 6.5.0 - Deserialization of untrusted data vulnerabilityEPSS 0.4%