Falhas do tipo CWE-502
2.276 resultadosCVE-2026-31221HIGHPyTorch-Lightning versions 2.6.0 and earlier contain an insecure deserialization vulnerability (CWE-502) in the checkpoint loading mechanismEPSS 0.4%CVE-2025-11135MEDIUMpmTicket Project-Management-Software Cookie class.database.php loadLanguage deserializationEPSS 0.4%CVE-2026-2471HIGHWP Mail Logging <= 1.15.0 - Unauthenticated PHP Object Injection via Email Log Message FieldEPSS 0.4%CVE-2025-53078HIGHDeserialization of Untrusted Data in Samsung DMS(Data Management Server) allows attackers to execute arbitrary code via write file to systemEPSS 0.4%CVE-2024-32431MEDIUMWordPress Import Users from CSV plugin <= 1.2 - PHP Object InjectionEPSS 0.4%CVE-2026-49781CRITICALWordPress OttoKit plugin <= 1.1.27 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-49769CRITICALWordPress wpForo Forum plugin <= 3.1.0 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-49763CRITICALWordPress Integration for Contact Form 7 HubSpot plugin <= 1.3.7 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-49109CRITICALWordPress Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin <= 1.4.3 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-49106CRITICALWordPress Integration for Contact Form 7 and Constant Contact plugin <= 1.1.6 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-23549CRITICALWordPress WpEvently plugin <= 5.1.1 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-49765CRITICALWordPress Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.1.8 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-32647HIGHWordPress Question Answer plugin <= 1.2.73 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-49770CRITICALWordPress WP Travel Engine plugin <= 6.7.12 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-32662HIGHWordPress uListing plugin <= 2.2.0 - Deserialization of untrusted data vulnerabilityEPSS 0.4%CVE-2026-49768CRITICALWordPress Happyforms plugin <= 1.26.13 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-39527HIGHWordPress Rating by BestWebSoft plugin <= 1.7 - PHP Object Injection VulnerabilityEPSS 0.4%CVE-2022-41596HIGHThe system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized stEPSS 0.4%CVE-2025-52761CRITICALWordPress WP Funnel Manager Plugin <= 1.4.0 - PHP Object Injection VulnerabilityEPSS 0.4%CVE-2026-27338HIGHWordPress Car Zone theme <= 3.7 - Deserialization of untrusted data vulnerabilityEPSS 0.4%