Serialization and Deserialization in Java Vulnerability

LangChain AI Vulnerability Exposes Millions of Apps

eSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly ...

The Hacker News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even influence large language model (LLM) responses through prompt ...

bitnewsbot

LangChain ‘LangGrinch’ Flaw Lets Attackers Steal Secrets Now

LangChain Core contains a critical serialization injection flaw (CVE-2025-68664, CVSS 9.3) that can expose secrets and enable prompt injection. The bug stems from improper escaping of dictionaries ...

SiliconANGLE

Critical ‘LangGrinch’ vulnerability in langchain-core puts AI agent secrets at risk

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a recently uncovered critical vulnerability on langchain-core, the foundational library behind ...

IEEE

LiteCobra: Enhancing Java Deserialization Vulnerability Detection with Call Graph Pruning

Abstract: Java deserialization vulnerabilities have become a critical security threat, challenging to detect and even harder to exploit due to deserialization's flexible and customizable nature.

GitHub

Vulnerability: XMLDecoder Deserialization Vulnerability (Java RCE) in Ladybug < 3.0-20251107.114628

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...

TechSpot

Critical vulnerability in React JS framework has a near 100% chance to be exploited

Facepalm: A widely used web technology is affected by a serious security vulnerability that can be exploited with minimal effort to compromise servers. Known as "React2Shell," the flaw may require ...

winbuzzer.com

Microsoft Issues Emergency Patch for Actively Exploited Windows Server Flaw CVE-2025-59287

Microsoft has released an urgent out-of-band security update to fix a critical vulnerability in its Windows Server Update Services (WSUS). The flaw, CVE-2025-59287, allows attackers to execute code ...

Bleeping Computer

Windows Server emergency patches fix WSUS bug with PoC exploit

Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code. WSUS is ...

Dark Reading

Microsoft Issues Emergency Patch for Critical Windows Server Bug

Microsoft on Thursday deployed a reworked update for a critical vulnerability in the Windows Server Update Service (WSUS) that has come under attack in the wild. CVE-2025-59287 is a remote code ...

SecurityWeek

Critical Windows Server WSUS Vulnerability Exploited in the Wild

Microsoft on Thursday released out-of-band updates to patch a critical vulnerability impacting the Windows Server Update Service (WSUS), and exploitation of the flaw was seen just hours later. WSUS is ...

Some results have been hidden because they may be inaccessible to you

Show inaccessible results