Falhas do tipo CWE-502

2.276 resultados
CVE-2026-9291HIGHInsecure Deserialization in Amazon Braket SDK Job Results ProcessingEPSS 0.4%CVE-2026-42473CRITICALUnsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize() on data from the EPSS 0.4%CVE-2026-42472CRITICALUnsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize() on data from RediEPSS 0.4%CVE-2026-24142MEDIUMNVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized handle. A successful exploit of this vulnerEPSS 0.4%CVE-2025-71372HIGHPicklescan - Arbitrary Code Execution via numpy.f2py.crackfortran.getlincoef GadgetEPSS 0.4%CVE-2025-71370HIGHpicklescan - Remote Code Execution via torch.jit.unsupported_tensor_ops.execWrapperEPSS 0.4%CVE-2024-39636HIGHWordPress Better Find and Replace plugin <= 1.6.1 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-5536MEDIUMFedML-AI FedML gRPC server grpc_server.py sendMessage deserializationEPSS 0.4%CVE-2025-11993HIGHWooCommerce Infinite Scroll and Ajax Pagination <= 1.8 - Authenticated (Subscriber+) PHP Object InjectionEPSS 0.4%CVE-2026-28138HIGHWordPress uListing plugin <= 2.2.0 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-1741MEDIUMb1gMail Admin Page users.php deserializationEPSS 0.4%CVE-2025-10164MEDIUMlmsys sglang update_weights_from_tensor main deserializationEPSS 0.4%CVE-2025-36072HIGHIBM webMethods Integration DeserializationEPSS 0.4%CVE-2024-27985MEDIUMWordPress PropertyHive plugin <= 2.0.9 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-67996CRITICALWordPress Nestin theme < 1.2.6 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-69329CRITICALWordPress Prestige theme < 1.4.1 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-27082CRITICALWordPress Love Story theme <= 1.3.12 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-68541CRITICALWordPress Ippsum theme <= 1.2.0 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-69079CRITICALWordPress Sound | Musical Instruments Online Store theme <= 1.6.9 - Deserialization of untrusted data vulnerabilityEPSS 0.4%CVE-2025-67997CRITICALWordPress Travelicious theme < 1.6.7 - PHP Object Injection vulnerabilityEPSS 0.4%