Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Deserialization of Untrusted Data vulnerability in rascals Pendulum pendulum allows Object Injection.This issue affects Pendulum: from n/a through < 3.1.5.
Deserialization of Untrusted Data vulnerability in rascals Vex vex allows Object Injection.This issue affects Vex: from n/a through < 1.2.9.
Deserialization of Untrusted Data vulnerability in rascals Meloo meloo allows Object Injection.This issue affects Meloo: from n/a through < 2.8.2.
Deserialization of Untrusted Data vulnerability in Elated-Themes Aperitif allows Object Injection. This issue affects Aperitif: from n/a through 1.6.
CVE-2025-49434
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in axiomthemes Cars4Rent cars4rent allows Object Injection.This issue affects Cars4Rent: from n/a through <= 1.4.2.
CVE-2025-60039
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in rascals Noisa noisa allows Object Injection.This issue affects Noisa: from n/a through <= 2.6.0.
Deserialization of Untrusted Data vulnerability in rascals Noisa noisa allows Object Injection.This issue affects Noisa: from n/a through <= 2.6.0.
CVE-2026-27437
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in ThemeREX Tennis Club tennis-sportclub allows Object Injection.This issue affects Tennis Club: from n/a through <= 1.2.3.
CVE-2025-60229
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in Themeton Lagom allows Object Injection. This issue affects Lagom: from n/a through 2.0.
Deserialization of Untrusted Data vulnerability in designthemes Crafts & Arts crafts-and-arts allows Object Injection.This issue affects Crafts & Arts: from n/a through <= 2.5.
CVE-2025-69372
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in AncoraThemes SevenHills sevenhills allows Object Injection.This issue affects SevenHills: from n/a through <= 1.6.2.
CVE-2025-31927
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in themeton Acerola allows Object Injection. This issue affects Acerola: from n/a through 1.6.5.
Deserialization of Untrusted Data vulnerability in BoldThemes Celeste celeste allows Object Injection.This issue affects Celeste: from n/a through <= 1.3.6.
CVE-2025-64206
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in TieLabs Jannah jannah allows Object Injection.This issue affects Jannah: from n/a through <= 7.6.0.
Deserialization of Untrusted Data vulnerability in designthemes Pet World petsworld allows Object Injection.This issue affects Pet World: from n/a through <= 2.8.
CVE-2025-39485
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Tour grandtour allows Object Injection.This issue affects Grand Tour: from n/a through <= 5.6.
CVE-2025-48289
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in AncoraThemes Kids Planet kidsplanet allows Object Injection.This issue affects Kids Planet: from n/a through <= 2.2.14.
CVE-2025-49072
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in AncoraThemes Mr. Murphy mr-murphy allows Object Injection.This issue affects Mr. Murphy: from n/a through < 1.2.12.1.
Deserialization of Untrusted Data vulnerability in Digital zoom studio DZS Video Gallery allows Object Injection.This issue affects DZS Video Gallery: from n/a through 12.25.
CVE-2026-25032
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in park_of_ideas Ricky ricky allows Object Injection.This issue affects Ricky: from n/a through < 2.31.
Page 1+ Next →