Falhas do tipo CWE-502
2.256 resultadosCVE-2026-7304CRITICALCVE-2026-7304EPSS 0.6%CVE-2025-71363HIGHpicklescan - Arbitrary Code Execution via Undetected cProfile.run in Pickle DeserializationEPSS 0.6%CVE-2025-27511HIGHGeoServer DB2 DataStore Extension has a JNDI Vulnerability via Store ConnectionEPSS 0.6%CVE-2025-47292CRITICALCap Collectif vulnerable to insecure deserialization leading to remote code executionEPSS 0.6%CVE-2024-13833HIGHAlbum Gallery – WordPress Gallery <= 1.6.3 - Authenticated (Editor+) PHP Object Injection via Gallery MetaEPSS 0.6%CVE-2024-22284HIGHWordPress Asgaros Forum Plugin <= 2.7.2 is vulnerable to PHP Object InjectionEPSS 0.6%CVE-2026-39890CRITICALPraisonAI Affected by Remote Code Execution via YAML Deserialization in Agent Definition LoadingEPSS 0.6%CVE-2024-13136MEDIUMwangl1989 mysiteforme ShiroConfig.java rememberMeManager deserializationEPSS 0.6%CVE-2022-2446HIGHWP Editor <= 1.2.9 - Authenticated (Admin+) PHAR DeserializationEPSS 0.6%CVE-2025-33244CRITICALNVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker could cause a deserialization of untrusted data. This vulnerabEPSS 0.6%CVE-2022-2886MEDIUMLaravel deserializationEPSS 0.6%CVE-2025-31074HIGHWordPress MDJM Event Management plugin <= 1.7.5.2 - PHP Object Injection vulnerabilityEPSS 0.6%CVE-2025-24661HIGHWordPress Taxi Booking Manager for WooCommerce plugin <= 1.1.8 - PHP Object Injection vulnerabilityEPSS 0.6%CVE-2022-45083MEDIUMWordPress ProfilePress Plugin <= 4.3.2 is vulnerable to PHP Object InjectionEPSS 0.6%CVE-2025-27528CRITICALApache InLong: JDBC Vulnerability for Invisible Character Bypass Leading to Arbitrary File ReadEPSS 0.6%CVE-2025-27531CRITICALApache InLong: An arbitrary file read vulnerability for JDBCEPSS 0.6%CVE-2026-21619LOWUnsafe Deserialization of Erlang Terms in hex_coreEPSS 0.6%CVE-2024-33553CRITICALWordPress XStore Core plugin <= 5.3.5 - Unauthenticated PHP Object Injection vulnerabilityEPSS 0.6%CVE-2022-45134CRITICALMahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 deserializes user input unsafely during skin import. A particulaEPSS 0.6%CVE-2026-20251HIGHRemote Code Execution through Deserialization of Untrusted Data in Splunk Secure GatewayEPSS 0.6%