CVE-2025-60887 | Cista up to 0.15 Untrusted Page cista::raw deserialized deserialization

Inserito da Angelo Barbosa | Apr 28, 2026 | CVE

A vulnerability was found in Cista up to 0.15. It has been rated as problematic. This vulnerability affects the function cista::raw of the component Untrusted Page Handler. This manipulation of the argument deserialized causes deserialization.

The identification of this vulnerability is CVE-2025-60887. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-60887 | Cista up to 0.15 Untrusted Page cista::raw deserialized deserialization

Post correlati

CVE-2025-0886 | Lenovo Elliptic Virtual Lock Sensor for X13 Yoga Gen 4 default permission (EUVD-2025-21807)

CVE-2024-6024 | ContentLock Plugin up to 1.0.3 on WordPress Group/Email cross-site request forgery

CVE-2024-3296 | rust-openssl PKCS 1.5 RSA Encryption Padding Mode timing discrepancy

CVE-2025-62346 | HCL Glovius Cloud up to S05.25 cross-site request forgery (KB0126459)