CVE-2026-42779 | Apache MINA up to 2.1.11/2.2.6 AbstractIoBuffer.resolveClass deserialization

Inserito da Angelo Barbosa | Mag 1, 2026 | CVE

A vulnerability labeled as critical has been found in Apache MINA up to 2.1.11/2.2.6. Impacted is the function AbstractIoBuffer.resolveClass. The manipulation results in deserialization.

This vulnerability is reported as CVE-2026-42779. The attack can be launched remotely. No exploit exists.

The affected component should be upgraded.

CVE-2026-42779 | Apache MINA up to 2.1.11/2.2.6 AbstractIoBuffer.resolveClass deserialization

Post correlati

CVE-2025-1675 | zephyrproject-rtos Zephyr up to 4.0 dns_pack.c dns_copy_qname lb_size out-of-bounds (GHSA-2m84-5hfw-m8v4)

CVE-2026-23626 | Kimai up to 2.45.x special elements used in a template engine (GHSA-jg2j-2w24-54cg)

CVE-2026-41428 | budibase up to 3.35.3 Query Parameter status improper authentication

CVE-2024-33916 | MachoThemes CPO Companion Plugin up to 1.1.0 on WordPress cross site scripting