CVE-2026-41409 | Apache MINA up to 2.0.27/2.1.10/2.2.5 AbstractIoBuffer.getObject deserialization

Inserito da Angelo Barbosa | Apr 27, 2026 | CVE

A vulnerability described as critical has been identified in Apache MINA up to 2.0.27/2.1.10/2.2.5. The impacted element is the function AbstractIoBuffer.getObject. The manipulation results in deserialization.

This vulnerability is cataloged as CVE-2026-41409. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is recommended.

CVE-2026-41409 | Apache MINA up to 2.0.27/2.1.10/2.2.5 AbstractIoBuffer.getObject deserialization

Post correlati

CVE-2024-4431 | LA-Studio Element Kit for Elementor Plugin up to 1.3.7.6 on WordPress id cross site scripting

CVE-2024-42392 | Cesanta Mongoose Web Server up to 7.14 delimiters

CVE-2026-3261 | itsourcecode School Management System 1.0 Setting /settings/index.php ID sql injection

CVE-2025-11551 | code-projects Student Result Manager 1.0 Database.java roll/name/gpa sql injection