Tag
high
advisory
Improper Validation Vulnerability in fraillt bitsery (CVE-2026-9521)
2 rules 1 CVEA remote code execution vulnerability exists in fraillt bitsery versions up to 5.2.4 due to improper validation of input in the `loadFromSharedState` function, potentially leading to arbitrary code execution.
bitsery
cve
rce
serialization
2r
1c
high
advisory
Metabase Enterprise Remote Code Execution via Serialization Import
2 rules 1 TTPAuthenticated administrators in vulnerable Metabase Enterprise editions can achieve Remote Code Execution (RCE) and Arbitrary File Read by injecting an `INIT` property into the H2 JDBC spec via a crafted serialization archive through the `POST /api/ee/serialization/import` endpoint.
Metabase Enterprise
metabase
rce
serialization
cve-2026-33725
2r
1t