CVE-2026-27206 | zumba json-serializer up to 3.2.2 unserialize deserialization (GHSA-v7m3-fpcr-h7m2)

Inserito da Angelo Barbosa | Feb 21, 2026 | CVE

A vulnerability marked as problematic has been reported in zumba json-serializer up to 3.2.2. Affected by this vulnerability is the function JsonSerializer::unserialize. This manipulation causes deserialization.

This vulnerability is handled as CVE-2026-27206. The attack can be initiated remotely. There is not any exploit available.

It is suggested to upgrade the affected component.

CVE-2026-27206 | zumba json-serializer up to 3.2.2 unserialize deserialization (GHSA-v7m3-fpcr-h7m2)

Post correlati

CVE-2026-1687 | Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon Boa Webserver /boaform/formSamba serverString command injection

CVE-2024-22305 | Ali Forms Contact Form Builder with Drag & Drop Plugin authorization

CVE-2024-42213 | HCL BigFix Compliance 2.0.12 Temporary File test code (KB0120961)

CVE-2026-22844 | Zoom Node Meetings Hybrid/Node Meeting Connector prior 5.2.1716.0 command injection