https://github.com/google/gson
GitHub - google/gson: A Java serialization/deserialization library to convert Java Objects into...
A Java serialization/deserialization library to convert Java Objects into JSON and back - google/gson
google gsonjava serialization
https://www.ruby-lang.org/en/news/2026/04/21/erb-cve-2026-41316/
CVE-2026-41316: ERB @_init deserialization guard bypass via def_module / def_method / def_class |...
We published security advisory for CVE-2026-41316.
https://www.sentinelone.com/vulnerability-database/cve-2024-8502/
CVE-2024-8502: AgentScope Deserialization RCE Vulnerability
CVE-2024-8502 is a remote code execution vulnerability in modelscope/agentscope. Learn about its impact, affected versions, and mitigation methods.
cveagentscopedeserializationrcevulnerability
https://www.fortra.com/security/advisories/product-security/fi-2025-012
Deserialization Vulnerability in GoAnywhere MFT's License Servlet
deserializationvulnerabilitygoanywheremftlicense
https://www.drupal.org/project/views_dynamic_fields/issues/3056600
Drupal module - Views Dynamic Fields - insecure deserialization [#3056600] | Drupal.org
May 23, 2019 - Note: The description will be also posted on fulldisclosure mailing list. Drupal module - Views Dynamic Fields - insecure deserialization...
drupal moduledynamic fieldsviewsinsecuredeserialization
https://portswigger.net/bappstore/228336544ebe4e68824b5146dbbd93ae
Java Deserialization Scanner - PortSwigger
Performs active and passive scans to detect Java deserialization vulnerabilities.
javadeserializationscannerportswigger
https://portswigger.net/web-security/deserialization/exploiting/lab-deserialization-using-application-functionality-to-exploit-insecure-deserialization
Lab: Using application functionality to exploit insecure deserialization | Web Security Academy
This lab uses a serialization-based session mechanism. A certain feature invokes a dangerous method on data provided in a serialized object. To solve the ...
web securitylabusingapplicationfunctionality
https://www.openwall.com/lists/oss-security/2023/07/25/11
oss-security - CVE-2023-38647: Apache Helix: Deserialization vulnerability in Helix workflow and...
https://openwall.com/lists/oss-security/2026/04/12/6
oss-security - CVE-2026-35337: Apache Storm Client: RCE through Unsafe Deserialization via Kerberos...
https://www.sentinelone.com/vulnerability-database/cve-2024-30221/
CVE-2024-30221: Sunshine Photo Cart Deserialization Flaw
CVE-2024-30221 is a deserialization vulnerability in Sunshine Photo Cart. Learn about its impact, affected versions, and mitigation methods.
sunshine photo cartcvedeserializationflaw
https://hashnode.com/posts/serialization-and-deserialization-in-js/69b7a480f4eb2f8b045f4b99
Discussion on "Serialization and Deserialization in JS" | Hashnode
Discussion on "Serialization and Deserialization in JS". While the title and sub includes a lot of heavy Jargons throughout this blog I explain each one...
discussionserializationjshashnode
https://openwall.com/lists/oss-security/2026/02/27/4
oss-security - OSEC-2026-01 in the OCaml runtime: Buffer Over-Read in OCaml Marshal Deserialization
https://www.mail-archive.com/issues@flink.apache.org/msg820770.html
Re: [PR] [FLINK-39200][mysql] Skip insert/update/delete binlog deserialization of unsubscribed...
https://typo3.org/security/advisory/typo3-core-sa-2019-026/
TYPO3-CORE-SA-2019-026: Insecure Deserialization in Query Generator & Query View - TYPO3 Project
It has been discovered that TYPO3 CMS is vulnerable to insecure deserialization.
https://www.sentinelone.com/vulnerability-database/cve-2026-35537/
CVE-2026-35537: Roundcube Webmail Deserialization Flaw
CVE-2026-35537 is an unsafe deserialization vulnerability in Roundcube Webmail. Learn about its impact, affected versions, and mitigation methods.
roundcube webmailcvedeserializationflaw
https://www.sentinelone.com/vulnerability-database/cve-2024-24797/
CVE-2024-24797: ERE Recently Viewed Deserialization Flaw
CVE-2024-24797 is a deserialization vulnerability in ERE Recently Viewed Essential Real Estate Add-On. Learn about its impact, affected versions, and fixes.
recently viewedcveeredeserializationflaw
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00007
WatchGuard Firebox Insecure Deserialization in Fireware Access Portal | WatchGuard Technologies
Mar 26, 2026 - An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has obtained write access to the local filesystem through another...
watchguard fireboxaccess portalinsecuredeserializationtechnologies
https://www.sentinelone.com/vulnerability-database/cve-2024-9070/
CVE-2024-9070: BentoML Deserialization RCE Vulnerability
CVE-2024-9070 is a deserialization RCE vulnerability in BentoML runner server. Learn about its impact, affected versions, and mitigation methods.
cvebentomldeserializationrcevulnerability
https://hackaday.com/tag/deserialization/
Deserialization | Hackaday
deserializationhackaday
https://www.telerik.com/forums/error-during-serialization-or-deserialization-using-the-json-javascriptserializer-the-length-of-the-string-exceeds-the-value-set-on-the-maxjsonlength-
Error during serialization or deserialization using the JSON JavaScriptSerializer. The length of...
Hello, I have a web application that uses RadTreeView control for displaying data. When displaying large amount of data, it throws following error: "Error du...
errorserialization
https://github.com/joaomatosf/jexboss
GitHub - joaomatosf/jexboss: JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and...
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool - joaomatosf/jexboss
githubjbossjavadeserializationvulnerabilities
https://www.ibm.com/support/pages/node/7185949
Security Bulletin: Arbitrary QPY Execution in Qiskit SDK QPY Deserialization 13
A maliciously crafted QPY payload can potential execute arbitrary-code embedded in the payload without privilege escalation when deserialising QPY format...
security bulletinarbitraryexecutionqiskitsdk
https://www.huawei.com/en/psirt/security-advisories/2021/huawei-sa-20210619-01-injection-en
Security Advisory - Deserialization Vulnerability in Huawei AnyOffice Product
security advisorydeserializationvulnerabilityhuaweiproduct
https://www.sonatype.com/blog/jackson-databind-the-end-of-the-blacklist
How to Secure Jackson-Databind Deserialization Vulnerability
Our October Nexus Intelligence Insight takes a second look at a popular component that's both a blessing and a curse to developers - jackson-databind.
how tosecurejacksondeserializationvulnerability
https://www.openwall.com/lists/oss-security/2025/11/19/1
oss-security - CVE-2025-64408: Apache Causeway: Java deserialization vulnerability to authenticated...
https://www.codementor.io/xml-deserialization-experts
Xml deserialization Expert Help Online (May 2026) - Codementor
Get help from Xml deserialization experts in 6 minutes. Our on-demand, Xml deserialization experts are always ready to lend their expertise to you ASAP.
expert helpxmldeserializationonlinemay
https://www.exploit-db.com/exploits/41613
IBM WebSphere - RCE Java Deserialization (Metasploit) - Windows remote Exploit
Mar 15, 2017 - IBM WebSphere - RCE Java Deserialization (Metasploit). CVE-2015-7450 . remote exploit for Windows platform
ibm webspherewindows remotercejavadeserialization
https://mail-archive.com/jobs@airflow.apache.org/msg88136.html
[GH] (airflow/callable-deserialization-01-64609): Workflow run "Tests" failed!
workflow runghairflowcallabledeserialization
https://www.sentinelone.com/vulnerability-database/cve-2025-15610/
CVE-2025-15610: RightFax Deserialization Vulnerability
CVE-2025-15610 is a deserialization vulnerability in OpenText RightFax. Learn about its impact, affected versions, and mitigation methods.
cverightfaxdeserializationvulnerability
https://www.hitachi.com/products/it/software/security/info/vuls/HS16-010/index.html
Apache Commons Collections deserialization Vulnerability in Hitachi Command Suite: Software...
The Software Vulnerability Information website provides security information about middleware offered by Hitachi.
apache commonscollectionsdeserializationvulnerabilityhitachi
https://www.digitalocean.com/community/tutorials/python-pickle-example?comment=177744
Python Pickle Example: A Guide to Serialization & Deserialization | DigitalOcean
Learn Python pickle with clear examples: dump/load, protocols, secure unpickling practices, comparisons to json, and when (not) to use pickle.
a guide topythonpickleexampleserialization
https://snyk.io/blog/swift-deserialization-security-primer/
Swift deserialization security primer | Snyk
Jul 18, 2023 - This blog will detail deserialization vulnerabilities in Swift that can occur when using the popular APIs, NScoding and NSSecureCoding, and how to prevent it...
swiftdeserializationsecurityprimersnyk
https://www.redhat.com/ko/blog/jdk-approach-address-deserialization-vulnerability
JDK approach to address deserialization vulnerability
Java Deserialization of untrusted data has been a security buzzword for the past couple of years with almost every application using native Java serialization...
jdkapproachaddressdeserializationvulnerability
https://snyk.io/blog/unsafe-deserialization-snakeyaml-java-cve-2022-1471/
Unsafe deserialization in SnakeYaml - Exploring CVE-2022-1471 | Snyk
Dec 13, 2022 - SnakeYaml, a YAML 1.1 parser and emitter for Java, has been reported as vulnerable to CVE-2022-1471, a deserialization vulnerability that can lead to arbitrary...
unsafedeserializationsnakeyamlexploringcve
https://snyk.io/jp/blog/jackson-deserialization-vulnerability/
Jackson Deserialization Vulnerability | Snyk
Aug 21, 2019 - On July 29th, 2019 a high severityDeserialization of Untrusted Data vulnerability (CVE-2019-14379,CVE-2019-14439) affecting all versions of...
jacksondeserializationvulnerabilitysnyk
https://www.mail-archive.com/issues@paimon.apache.org/msg27911.html
Re: [PR] feat: implement BinaryRow deserialization for partition bytes [paimon-rust]
prfeatimplement
https://www.digitalocean.com/community/tutorials/python-pickle-example?comment=177749
Python Pickle Example: A Guide to Serialization & Deserialization | DigitalOcean
Learn Python pickle with clear examples: dump/load, protocols, secure unpickling practices, comparisons to json, and when (not) to use pickle.
a guide topythonpickleexampleserialization
https://www.mail-archive.com/issues@flink.apache.org/msg820771.html
Re: [PR] [FLINK-39200][mysql] Skip insert/update/delete binlog deserialization of unsubscribed...
https://www.exploit-db.com/exploits/42394
Jenkins 1.650 - Java Deserialization - Java remote Exploit
jenkinsjavadeserializationremoteexploit
https://www.exploit-db.com/papers/47655
YAML Deserialization Attack in Python
Nov 13, 2019 - YAML Deserialization Attack in Python
yamldeserializationattackpython
https://www.openwall.com/lists/oss-security/2025/12/18/2
oss-security - CVE-2025-66524: Apache NiFi: Deserialization of Untrusted Data in GetAsanaObject...
https://metacpan.org/release/HEYTRAV/Hessian-Translator-1.01
Hessian-Translator-1.01 - Base class for Hessian serialization/deserialization. - metacpan.org
Base class for Hessian serialization/deserialization.
base classhessiantranslator
https://noti.st/lu513n/sDPcEF/java-deserialization
Java Deserialization
javadeserialization
https://www.mail-archive.com/issues@paimon.apache.org/msg27909.html
Re: [PR] feat: implement BinaryRow deserialization for partition bytes [paimon-rust]
prfeatimplement
https://pub.dev/documentation/firestorm/latest/rdb_helpers_rdb_deserialization_helper/
rdb_deserialization_helper library - Dart API
rdb_deserialization_helper library API docs, for the Dart programming language.
rdbdeserializationhelperlibrarydart
https://www.mail-archive.com/dev%40mina.apache.org/msg39312.html
CVE-2022-45047: Apache MINA SSHD: Java unsafe deserialization vulnerability
cveapacheminasshdjava
https://www.sentinelone.com/vulnerability-database/cve-2026-40044/
CVE-2026-40044: Pachno Deserialization RCE Vulnerability
CVE-2026-40044 is a deserialization RCE vulnerability in Pachno 1.0.6. Learn about its impact, affected versions, and mitigation methods.
cvedeserializationrcevulnerability
https://portswigger.net/web-security/deserialization/exploiting/lab-deserialization-exploiting-java-deserialization-with-apache-commons
Lab: Exploiting Java deserialization with Apache Commons | Web Security Academy
This lab uses a serialization-based session mechanism and loads the Apache Commons Collections library. Although you don't have source code access, you can ...
apache commonsweb securitylabexploitingjava
https://github.com/michiel/jsonapi-rust
GitHub - michiel/jsonapi-rust: Rust library for serialization, deserialization and working with...
Rust library for serialization, deserialization and working with JSON-API data - michiel/jsonapi-rust
rust librarygithubmichieljsonapi
https://www.digitalocean.com/community/tutorials/python-pickle-example?comment=177743
Python Pickle Example: A Guide to Serialization & Deserialization | DigitalOcean
Learn Python pickle with clear examples: dump/load, protocols, secure unpickling practices, comparisons to json, and when (not) to use pickle.
a guide topythonpickleexampleserialization
https://www.mail-archive.com/issues@flink.apache.org/msg820772.html
Re: [PR] [FLINK-39200][mysql] Skip insert/update/delete binlog deserialization of unsubscribed...
https://www.mail-archive.com/announce@apache.org/msg07040.html
CVE-2022-23302: Deserialization of untrusted data in JMSSink in Apache Log4j 1.x
https://dev.to/pentest_testing_corp/prevent-insecure-deserialization-in-laravel-a-comprehensive-guide-1mcc
Prevent Insecure Deserialization in Laravel: A Comprehensive Guide - DEV Community
Introduction Insecure deserialization is a critical web application vulnerability that can... Tagged with cybersecurity, vulnerabilities, laravel, php.
a comprehensive guidepreventinsecuredeserializationlaravel
https://snyk.io/de/blog/jackson-deserialization-vulnerability/
Jackson Deserialization Vulnerability | Snyk
Aug 21, 2019 - On July 29th, 2019 a high severityDeserialization of Untrusted Data vulnerability (CVE-2019-14379,CVE-2019-14439) affecting all versions of...
jacksondeserializationvulnerabilitysnyk
https://www.openwall.com/lists/oss-security/2025/12/09/1
oss-security - CVE-2025-26866: Apache HugeGraph-Server: RAFT and deserialization vulnerability
apache hugegraph
https://www.pluralsight.com/courses/specialized-testing-deserialization
Specialized Testing: Deserialization
specialized testingdeserialization
https://openwall.com/lists/oss-security/2026/04/13/7
oss-security - CVE-2026-33858: Apache Airflow: Unsafe Deserialization via Legacy Serialization Keys...
https://pickleescape.xyz/
Pickle Escape - Python Pickle Deserialization Security Challenge
Python Pickle Deserialization Security Challenge - Can you escape the sandbox?
pickleescapepythondeserializationsecurity
https://www.paloaltonetworks.com/blog/tag/deserialization/
Deserialization Blogs | Palo Alto Networks
Read the latest blogs and insights about Deserialization from Palo Alto Networks experts.
palo altodeserializationblogsnetworks
https://www.digitalocean.com/community/tutorials/python-pickle-example?comment=177750
Python Pickle Example: A Guide to Serialization & Deserialization | DigitalOcean
Learn Python pickle with clear examples: dump/load, protocols, secure unpickling practices, comparisons to json, and when (not) to use pickle.
a guide topythonpickleexampleserialization
https://www.c-sharpcorner.com/topics/deserialization-of-a-class-in-a-file
deserialization of a class in a file Resources
a classdeserializationfileresources
https://www.sentinelone.com/vulnerability-database/cve-2024-10553/
CVE-2024-10553: H2O Deserialization RCE Vulnerability
CVE-2024-10553 is a deserialization RCE vulnerability in H2O REST API. Learn about its impact, affected versions, and mitigation methods.
cvedeserializationrcevulnerability
https://www.c-sharpcorner.com/article/json-serialization-and-deserialization-in-c-sharp2/
JSON Serialization and Deserialization in C#
JSON serialization and deserialization in C#! Learn the ropes with Newtonsoft.Json (Json.NET) or the built-in System.Text.Json. Level up your data interchange...
json serializationdeserializationc
https://portswigger.net/web-security/deserialization
Insecure deserialization | Web Security Academy
In this section, we'll cover what insecure deserialization is and describe how it can potentially expose websites to high-severity attacks. We'll highlight ...
web securityinsecuredeserializationacademy
https://www.mail-archive.com/issues@flink.apache.org/msg820851.html
Re: [PR] [FLINK-39200][mysql] Skip insert/update/delete binlog deserialization of unsubscribed...
https://www.sentinelone.com/vulnerability-database/cve-2024-23513/
CVE-2024-23513: PropertyHive Deserialization Vulnerability
CVE-2024-23513 is a deserialization vulnerability in PropertyHive through version 2.0.5. Learn about its impact, affected versions, and mitigation methods.
cvedeserializationvulnerability