{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/h2oai/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-8751"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["h2o-3 (\u003c= 7402)"],"_cs_severities":["high"],"_cs_tags":["deserialization","rce","cve"],"_cs_type":"advisory","_cs_vendors":["h2oai"],"content_html":"\u003cp\u003eA deserialization vulnerability, identified as CVE-2026-8751, has been discovered in h2oai\u0026rsquo;s h2o-3, affecting versions up to 7402. The vulnerability resides within the \u003ccode\u003eimportBinaryModel\u003c/code\u003e function in the \u003ccode\u003eh2o-core/src/main/java/hex/Model.java\u003c/code\u003e file, specifically in the JAR Handler component. This flaw allows remote attackers to perform manipulation that leads to deserialization, potentially allowing for arbitrary code execution. The exploit is publicly available, increasing the risk of exploitation. The vendor was contacted regarding this vulnerability but did not respond. Due to the ease of exploitation and potential impact, this vulnerability poses a significant risk to systems running affected versions of h2o-3.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a vulnerable h2o-3 instance running a version \u0026lt;= 7402.\u003c/li\u003e\n\u003cli\u003eAttacker crafts a malicious serialized object designed to exploit the \u003ccode\u003eimportBinaryModel\u003c/code\u003e function.\u003c/li\u003e\n\u003cli\u003eAttacker sends a request to the vulnerable h2o-3 instance, providing the malicious serialized object to the \u003ccode\u003eimportBinaryModel\u003c/code\u003e function.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eimportBinaryModel\u003c/code\u003e function attempts to deserialize the object.\u003c/li\u003e\n\u003cli\u003eDue to the vulnerability, the deserialization process executes arbitrary code embedded within the malicious object.\u003c/li\u003e\n\u003cli\u003eThe attacker gains control of the h2o-3 instance, potentially with the privileges of the user running the application.\u003c/li\u003e\n\u003cli\u003eThe attacker can then use this access to pivot to other systems, exfiltrate data, or cause further damage.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-8751 can lead to arbitrary code execution on the affected h2o-3 instance. This can result in complete system compromise, including the potential for data theft, system disruption, or further lateral movement within the network. Given the public availability of the exploit, organizations using vulnerable versions of h2o-3 are at immediate risk. The absence of a vendor response or patch exacerbates the situation, leaving organizations with limited options for remediation beyond mitigation strategies.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply network access controls to restrict access to the h2o-3 service to only authorized users and systems.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect Deserialization Attempt in H2Oai H2O-3 (CVE-2026-8751)\u003c/code\u003e to identify potential exploitation attempts in web server logs.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for unusual patterns that may indicate exploitation attempts, using network connection logs.\u003c/li\u003e\n\u003cli\u003eImplement input validation and sanitization measures to prevent the injection of malicious serialized objects.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-17T12:17:58Z","date_published":"2026-05-17T12:17:58Z","id":"https://feed.craftedsignal.io/briefs/2026-05-h2oai-deserialization/","summary":"A deserialization vulnerability exists in h2oai's h2o-3 up to version 7402, specifically within the importBinaryModel function of the h2o-core/src/main/java/hex/Model.java file's JAR Handler component, allowing remote exploitation through manipulation.","title":"Deserialization Vulnerability in H2Oai H2O-3 (CVE-2026-8751)","url":"https://feed.craftedsignal.io/briefs/2026-05-h2oai-deserialization/"}],"language":"en","title":"CraftedSignal Threat Feed — H2oai","version":"https://jsonfeed.org/version/1.1"}