Falhas do tipo CWE-502
2.257 resultadosCVE-2025-71349HIGHpicklescan - Arbitrary Code Execution via Undetected trace.Trace.run in Pickle FilesEPSS 0.6%CVE-2025-0724HIGHProfileGrid – User Profiles, Groups and Communities <= 5.9.4.5 - Authenticated (Subscriber+) PHP Object InjectionEPSS 0.6%CVE-2025-53606CRITICALApache Seata (incubating): Deserialization of untrusted Data in Apache Seata ServerEPSS 0.6%CVE-2025-14071HIGHLive Composer – Free WordPress Website Builder <= 2.0.2 - Authenticated (Contributor+) PHP Object Injection via dslc_module_posts_output ShortcodeEPSS 0.6%CVE-2025-10771MEDIUMjeecgboot JimuReport DB2 JDBC testConnection deserializationEPSS 0.6%CVE-2026-31219HIGHThe _load_model() function in the neural_magic_training.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377fEPSS 0.6%CVE-2025-50004HIGHWordPress JupiterX Core plugin <= 4.10.1 - PHP Object Injection vulnerabilityEPSS 0.6%CVE-2026-31218HIGHThe _load_model() function in the neural_magic_training.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377fEPSS 0.6%CVE-2024-37099CRITICALWordPress GiveWP plugin <= 3.14.1 - Unauthenticated PHP Object Injection vulnerabilityEPSS 0.6%CVE-2024-28777HIGHIBM Cognos Controller code executionEPSS 0.6%CVE-2025-26900CRITICALWordPress Flexmls® IDX Plugin Plugin <= 3.14.27 - PHP Object Injection vulnerabilityEPSS 0.6%CVE-2025-2689MEDIUMyiisoft Yii2 SortableIterator.php getIterator deserializationEPSS 0.6%CVE-2026-27429CRITICALWordPress Nifty theme <= 1.4.1 - PHP Object Injection vulnerabilityEPSS 0.6%CVE-2020-10721—A flaw was found in the fabric8-maven-plugin 4.0.0 and later. When using a wildfly-swarm or thorntail custom configuration, a malicious YAMLEPSS 0.6%CVE-2025-32283HIGHWordPress Solar Energy theme <= 3.5 - PHP Object Injection VulnerabilityEPSS 0.6%CVE-2025-66631HIGHCSLA .NET is vulnerable to Remote Code Execution via WcfProxyEPSS 0.6%CVE-2026-49286HIGHPhpWeasyPrint vulnerable to PHAR deserialization via output filename (CVE-2023-28115 case-insensitive bypass)EPSS 0.6%CVE-2026-22609HIGHFickling has Static Analysis Bypass via Incomplete Dangerous Module BlocklistEPSS 0.6%CVE-2026-2113MEDIUMyuan1994 tpadmin WebUploader preview.php deserializationEPSS 0.6%CVE-2026-8024CRITICALDeserialization vulnerability in ibaPDA and ibaDatCoordinatorEPSS 0.6%