Home/Tag/Deserialization

Deserialization

4 articles tagged with "Deserialization"

Vulnerabilities4 min read

Group-Office Deserialization Bug Enables Server Takeover (CVSS 9.9)

CVE-2026-34838 lets authenticated attackers achieve RCE on Group-Office CRM servers via insecure deserialization. Upgrade to patched versions immediately.

Vulnerability DeskApr 6, 2026

Vulnerabilities3 min read

PTC Windchill CVSS 10 RCE Bug Prompts German Police Response

Critical deserialization flaw CVE-2026-4681 in PTC Windchill and FlexPLM threatens manufacturing sector. German federal police dispatched to warn companies of imminent exploitation.

Vulnerability DeskMar 25, 2026

Vulnerabilities4 min read

U-Office Force CVE-2026-3422 Enables Unauthenticated RCE

Critical insecure deserialization vulnerability in U-Office Force allows remote attackers to execute arbitrary code without authentication. CVSS 9.8, no patch available yet.

Vulnerability DeskMar 2, 2026

Vulnerabilities3 min read

SolarWinds Web Help Desk Gets Emergency Patches for Four Critical Flaws

Deserialization bugs and authentication bypasses enable unauthenticated RCE. Attackers have targeted WHD vulnerabilities before.

Vulnerability DeskJan 30, 2026