All news with #insecure deserialization tag

⚠️ A critical vulnerability, CVE-2026-25874, was disclosed in Hugging Face's open-source robotics framework LeRobot, enabling unauthenticated remote code execution via unsafe deserialization with pickle.loads(). The flaw affects the async inference PolicyServer handling gRPC calls (SendPolicyInstructions, SendObservations, GetActions) over unauthenticated channels and has been validated against LeRobot 0.4.3. A patch is planned for version 0.6.0; operators should treat exposed instances as high-risk and apply mitigations such as enabling TLS, restricting network access, and eliminating pickle-based deserialization.

⚠ Hitachi Energy disclosed a critical Java deserialization flaw in the Jaspersoft/Jasper Report library used by Ellipse, tracked as CVE-2025-10492, which can enable remote code execution. Affected versions include Ellipse 9.0.50 and earlier and the issue carries a CVSS 3.1 score of 9.8. Immediate mitigations include restricting loading of external custom reports to only administrator-approved Jasper files, isolating control systems from public networks, and following updates from Hitachi Energy PSIRT.

🔒 Researchers disclosed three vulnerabilities in LangChain and LangGraph that can expose filesystem files, environment secrets, and conversation history. The flaws — a path traversal, insecure deserialization, and an SQL injection — provide independent attack paths enabling exfiltration of Docker configs, API keys, and stored chats. Patches are available for the affected packages and organizations are urged to update immediately and audit prompt templates, deserialization paths, and checkpoint metadata.

🔒 Schneider Electric has disclosed a deserialization of untrusted data vulnerability (CVE-2026-1286) impacting EcoStruxure Foxboro DCS versions prior to CS 8.1. An authenticated administrative user who opens a malicious project file could compromise confidentiality and integrity and potentially achieve remote code execution on a workstation (CVSS 3.1: 6.5). Schneider released CS 8.1 which requires FX-V3 licenses and a reboot; standard upgrade procedures apply. Until patched, follow mitigations such as restricting files to trusted sources, enforcing least privilege, and isolating DCS networks.

⚠️ Amazon disclosed that the ransomware group Interlock exploited a critical deserialization flaw in Cisco Secure Firewall Management Center (CVE-2026-20131) as a zero-day beginning January 26, roughly 38 days before Cisco released a patch on March 4. The bug carries a CVSS score of 10 and was addressed in Cisco’s semiannual firewall update alongside a second high-severity FMC issue. Using its MadPot honeypot network, Amazon captured attacker activity, recovered a malicious ELF binary, and traced a full attack chain that leveraged a single poorly secured staging server. The findings underscore the limits of patching alone and the need for layered defenses and urgent log hunting for provided indicators.

⚠️ CISA has added CVE-2026-20131 to the Known Exploited Vulnerabilities (KEV) Catalog based on evidence of active exploitation. The vulnerability involves deserialization of untrusted data in Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management. This class of flaw is a common attack vector and poses significant risk. CISA reminds Federal Civilian Executive Branch agencies to remediate per BOD 22-01 and urges all organizations to prioritize timely remediation as part of normal vulnerability management.

⚠️ Schneider Electric disclosed a deserialization-of-untrusted-data vulnerability affecting EcoStruxure Power Monitoring Expert (PME) and the Advanced Reporting and Dashboards module for EcoStruxure Power Operation (EPO). A locally authenticated attacker can supply crafted data to trigger unsafe deserialization and achieve arbitrary code execution with administrative privileges. Schneider has released hotfixes and recommends upgrading to PME 2024 R3; contact Customer Care to obtain fixes. Hotfixes for supported branches report no reboot required.

🔴 The Cybersecurity and Infrastructure Security Agency (CISA) warned that a critical deserialization vulnerability in Microsoft SharePoint, tracked as CVE-2026-20963, is being exploited in the wild. The flaw affects SharePoint Enterprise Server 2016, SharePoint Server 2019, and SharePoint Server Subscription Edition and can allow unauthenticated remote code execution on unpatched servers. Microsoft patched the issue during January Patch Tuesday but has not labeled it as exploited; CISA added the vulnerability to its actively exploited catalog and ordered federal agencies to remediate by March 21.

⚠️ CISA has added CVE-2026-20963 — a Microsoft SharePoint deserialization of untrusted data vulnerability — to its Known Exploited Vulnerabilities (KEV) Catalog after observing active exploitation. This class of flaw is a frequent attack vector that can allow malicious actors to execute code or manipulate data when untrusted input is deserialized. CISA reminds Federal Civilian Executive Branch agencies that BOD 22-01 requires remediation by the assigned due dates and strongly urges all organizations to prioritize timely fixes.

🔒 A deserialization vulnerability in Inductive Automation Ignition (CVE-2025-13913) allows a privileged, authenticated user to import a crafted file that executes embedded code during deserialization, potentially running with the OS application service account's permissions. The flaw affects Ignition versions prior to 8.3.0 and carries a CVSS v3.1 base score of 6.3; CISA reports it is not remotely exploitable and no public exploitation is known. Remediation is to upgrade to 8.3.0 or later. As interim mitigations, follow the Ignition Security Hardening Guide, restrict project imports to trusted sources, use dedicated low-privilege service accounts, and segment gateways from corporate networks.

🔒 CISA has flagged a critical SolarWinds Web Help Desk vulnerability (CVE-2025-40551) as actively exploited and ordered federal agencies to patch within three days under BOD 22-01. The flaw is an untrusted data deserialization weakness that can enable unauthenticated remote command execution; SolarWinds released Web Help Desk 2026.1 on January 28 to address it. Administrators are urged to apply the patch immediately and verify affected systems.

⚠️ Hitachi Energy has disclosed a critical remote code execution vulnerability in Asset Suite, caused by a Java deserialization flaw in the Jaspersoft library (CVE-2025-10492). The issue affects Asset Suite versions 9.7 and earlier and carries a CVSS v3.1 base score of 9.8 — allowing attackers to execute arbitrary code on vulnerable systems. Hitachi Energy advises upgrading to version 9.8 to remediate the defect. Until patched, administrators should restrict loading of external custom reports, segment networks, and deny internet exposure for control system devices.

⚠️ CISA has added a critical remote code execution flaw affecting React Server Components (tracked as CVE-2025-55182 / React2Shell) to its Known Exploited Vulnerabilities catalog. The vulnerability, rated CVSS 10.0, stems from insecure deserialization in React’s Flight protocol and enables unauthenticated attackers to run arbitrary commands via crafted HTTP requests. Fixes are available in react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack (versions 19.0.1, 19.1.2, 19.2.1) and should be applied immediately.

🛡️ A critical remote code execution flaw, CVE-2025-55182 (React4Shell), was disclosed affecting React Server Components and multiple derivatives including Next.js, React Router RSC preview, and several bundler plugins. The bug arises from unsafe deserialization of Flight protocol payloads and permits unauthenticated HTTP requests to execute code on vulnerable servers. Immediate updating to the patched React and Next.js releases, plus deployment of WAF rules and access restrictions, is strongly recommended.

🚨 React and Next.js applications are affected by a maximum-severity deserialization vulnerability dubbed React2Shell, which enables unauthenticated remote code execution via the React Server Components (RSC) "Flight" protocol. Discovered by researcher Lachlan Davidson and reported on November 29, the flaw received a 10/10 severity rating and has been assigned CVE-2025-55182 for React (Next.js received CVE-2025-66478, later rejected by the NVD). Affected default packages include react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack, and researchers warn many deployments are exploitable without additional misconfiguration. Developers should apply the published patches and audit environments immediately.

⚠️ Developers must immediately upgrade React 19 and affected frameworks such as Next.js after researchers at Wiz disclosed a critical deserialization vulnerability in the React Server Components (RSC) Flight protocol that can enable remote code execution. The flaw exists in default configurations and impacts React 19.0.0, 19.1.0, 19.1.1 and 19.2.0, while Next.js 15.x and 16.x App Router deployments received a related CVE. Upgrade to the latest vendor-recommended releases now and follow the React blog's guidance.

🚨 A maximum-severity remote code execution vulnerability in React Server Components (CVE-2025-55182, CVSS 10.0) allows unauthenticated attackers to execute arbitrary JavaScript by sending crafted payloads to Server Function endpoints. Affected npm packages include react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack in specific 19.x releases; fixes are available in 19.0.1, 19.1.2, and 19.2.1. The issue also impacts Next.js (CVE-2025-66478, CVSS 10.0) across multiple releases and has been patched in a series of 15.x and 16.x updates. Security firm Wiz reports roughly 39% of cloud environments host vulnerable instances; apply patches immediately.

⚠️ Oligo Security researcher Avi Lumelsky disclosed a widespread insecure-deserialization pattern dubbed ShadowMQ that affects major AI inference engines including vLLM, NVIDIA TensorRT-LLM, Microsoft Sarathi-Serve, Modular Max Server and SGLang. The root cause is using ZeroMQ's recv_pyobj() to deserialize network input with Python's pickle, permitting remote arbitrary code execution. Patches vary: some projects fixed the issue, others remain partially addressed or unpatched, and mitigations include applying updates, removing exposed ZMQ sockets, and auditing code for unsafe deserialization.

🔒 Cybersecurity researchers disclosed a chain of remote code execution (RCE) vulnerabilities affecting AI inference frameworks from Meta, NVIDIA, Microsoft and open-source projects such as vLLM and SGLang. The flaws stem from reused code that called ZeroMQ’s recv-pyobj() and passed data directly into Python’s pickle.loads(), enabling unauthenticated RCE over exposed sockets. Vendors have released patches replacing unsafe pickle usage with JSON-based serialization and adding authentication and transport protections. Operators are urged to upgrade to patched releases and harden ZMQ channels, restrict network exposure, and avoid deserializing untrusted data.

⚠️ A critical unauthenticated remote code execution vulnerability in Microsoft Windows Server Update Services was identified as CVE-2025-59287 and observed being actively exploited in October 2025. The flaw stems from unsafe deserialization in WSUS endpoints (GetCookie and ReportingWebService) and enables remote attackers to execute arbitrary code as SYSTEM. Microsoft issued an emergency out-of-band patch on Oct 23 after initial Patch Tuesday fixes were incomplete; organizations should apply the update or follow temporary mitigations such as disabling the WSUS Server Role or blocking inbound TCP ports 8530/8531 immediately.