Falhas do tipo CWE-502
2.276 resultadosCVE-2026-9828LOWLogback deserialization whitelist bypass for java.lang and java.utilEPSS 0.4%CVE-2025-54014CRITICALWordPress MediCenter - Health Medical Clinic <= 15.1 - PHP Object Injection VulnerabilityEPSS 0.4%CVE-2025-68903HIGHWordPress Anona theme <= 8.0 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-69099HIGHWordPress North theme <= 5.7.5 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-68899HIGHWordPress Vivagh theme <= 2.4 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-54686CRITICALWordPress Exertio Theme <= 1.3.2 - PHP Object Injection VulnerabilityEPSS 0.4%CVE-2025-68038HIGHWordPress Icegram Express Pro plugin < 5.9.14 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-25316HIGHWordPress CartFlows plugin <= 2.1.19 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-60035HIGHA vulnerability has been identified in the OPC.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are EPSS 0.4%CVE-2025-49083HIGHData deserialization vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.56EPSS 0.4%CVE-2025-60036HIGHA vulnerability has been identified in the UA.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are aEPSS 0.4%CVE-2026-22473HIGHWordPress Dental Clinic theme <= 3.7 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-58619HIGHWordPress Falang multilanguage Plugin <= 1.3.65 - PHP Object Injection VulnerabilityEPSS 0.4%CVE-2025-27925HIGHNintex Automation 5.6 and 5.7 before 5.8 has insecure deserialization of user input.EPSS 0.4%CVE-2025-71344HIGHpicklescan - Arbitrary Code Execution via Undetected ensurepip._run_pip FunctionEPSS 0.4%CVE-2025-52998HIGHChamilo: PHAR deserialization bypassEPSS 0.4%CVE-2025-8289HIGHRedirection for Contact Form 7 <= 3.2.4 - Unauthenticated PHP Object Injection via PHAR DeserializationEPSS 0.4%CVE-2026-27776HIGHIM-LogicDesigner module of intra-mart Accel Platform contains insecure deserialization issue. This can be exploited only when IM-LogicDesignEPSS 0.4%CVE-2025-58592HIGHWordPress TranslatePress Plugin <= 2.10.2 - Deserialization of untrusted data VulnerabilityEPSS 0.4%CVE-2025-71375HIGHpicklescan - Undetected Remote Code Execution via _operator.methodcallerEPSS 0.4%