Falhas do tipo CWE-502
2.258 resultadosCVE-2026-50589MEDIUMIn OpenStack Ironic 32 before 37.0.0, an unauthenticated malicious user could submit a crafted JSON string to some endpoints on the API or JEPSS 0.4%CVE-2025-47784MEDIUMEmlog vulnerable to Deserialization of Untrusted DataEPSS 0.4%CVE-2025-48287CRITICALWordPress Pix 4x sem juros - Pagaleve plugin <= 1.6.9 - PHP Object Injection VulnerabilityEPSS 0.4%CVE-2025-39551CRITICALWordPress FluentBoards plugin <= 1.47 - PHP Object Injection VulnerabilityEPSS 0.4%CVE-2025-47568CRITICALWordPress ZoomSounds plugin <= 6.91 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-41699HIGHUnsafe Deserialization in Spring GraphQLEPSS 0.4%CVE-2026-39478HIGHWordPress Anti-Malware Security and Brute-Force Firewall plugin <= 4.23.87 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-39474HIGHWordPress Post Duplicator plugin <= 3.0.10 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-4860MEDIUM648540858 wvp-GB28181-pro API Endpoint RedisTemplateConfig.java GenericFastJsonRedisSerializer deserializationEPSS 0.4%CVE-2026-56057CRITICALWordPress Uncanny Automator Pro plugin <= 7.3.0.6 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2024-6441MEDIUMORIPA LoaderXML.java deserializationEPSS 0.4%CVE-2025-60229CRITICALWordPress Lagom theme <= 2.0 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-5114MEDIUMeasysoft zentaopms Editor index.php edit deserializationEPSS 0.4%CVE-2025-60230CRITICALWordPress The Barber Shop theme <= 1.9 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2022-41958HIGHDeserialization Vulnerability by yaml config input in super-xrayEPSS 0.4%CVE-2026-34877CRITICALAn issue was discovered in Mbed TLS versions from 2.19.0 up to 3.6.5, Mbed TLS 4.0.0. Insufficient protection of serialized SSL context or sEPSS 0.4%CVE-2026-22606HIGHFickling has a bypass via runpy.run_path() and runpy.run_module()EPSS 0.4%CVE-2025-26921HIGHWordPress Booking and Rental Manager Plugin <= 2.2.6 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-39467HIGHWordPress Responsive Slider by MetaSlider plugin <= 3.106.0 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-60245CRITICALWordPress WP User Manager plugin <= 2.9.12 - PHP Object Injection vulnerabilityEPSS 0.4%