Home/Tag/Deserialization

Deserialization

2 articles tagged with "Deserialization"

Vulnerabilities4 min read

U-Office Force CVE-2026-3422 Enables Unauthenticated RCE

Critical insecure deserialization vulnerability in U-Office Force allows remote attackers to execute arbitrary code without authentication. CVSS 9.8, no patch available yet.

Marcus ChenMar 2, 2026

Vulnerabilities3 min read

SolarWinds Web Help Desk Gets Emergency Patches for Four Critical Flaws

Deserialization bugs and authentication bypasses enable unauthenticated RCE. Attackers have targeted WHD vulnerabilities before.

Marcus ChenJan 30, 2026