Topic: unsafe deserialization

Sort by: Relevance | Date
  • Skuld Infostealer Exploits WSUS Flaw (CVE-2025-59287)
    October 31, 2025
    80%

    Skuld Infostealer Exploits WSUS Flaw (CVE-2025-59287)

    A critical remote code execution vulnerability (CVE-2025-59287) in Windows Server Update Services (WSUS) is being actively exploited, allowing attackers to install information-stealing malware on unpatched systems. The flaw stems from unsafe deserialization of untrusted data, enabling unauthentic...

    Read More »
  • Critical React & Node.js Flaw Patched: Update Now (CVE-2025-55182)
    December 5, 2025
    50%

    Critical React & Node.js Flaw Patched: Update Now (CVE-2025-55182)

    A critical remote code execution vulnerability (CVE-2025-55182) affects React versions 19.0.0 through 19.2.0, requiring an immediate update to version 19.2.1. The flaw involves unsafe deserialization in React Server Components, impacting not only React but also major dependent frameworks like Nex...

    Read More »

Related Topics

remote code execution (2) mitigation measures (1) data exfiltration (1) affected versions (1) vulnerability disclosure (1) network reconnaissance (1) web application firewall (1) security recommendations (1)