CVE-2025-27522 – Apache InLong Deserialization of Untrusted Data Remote Code Execution Vulnerability

May 28, 2025

CVE ID : CVE-2025-27522

Published : May 28, 2025, 8:15 a.m. | 1 hour, 10 minutes ago

Description : Deserialization of Untrusted Data vulnerability in Apache InLong.

This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability is a secondary mining bypass for CVE-2024-26579. Users are advised to upgrade to Apache InLong’s 2.2.0 or cherry-pick [1] to solve it.

[1]

https://github.com/apache/inlong/pull/11732

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-27526 – Apache InLong Deserialization of Untrusted Data JDBC Vulnerability

Next Article CVE-2025-25251 – FortiClient Mac Incorrect Authorization Privilege Escalation Vulnerability

Highlights

CVE-2025-0086 – Android AccountManager Service Token Overwrite Vulnerability

August 26, 2025

CVE ID : CVE-2025-0086

Published : Aug. 26, 2025, 11:15 p.m. | 3 hours, 39 minutes ago

Description : In onResult of AccountManagerService.java, there is a possible way to overwrite auth token due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Microsoft Graph CLI to be retired

The state of DevOps and AI: Not just hype

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

I asked AI to modify mission-critical code, and what happened next haunts me

Why you should delete your browser extensions right now – or do this to stay safe

Dolby Vision 2 comes with big upgrades – here’s which TVs get them first

This one small feature makes this travel charger my favorite for business trips

Laracon AU 2025 Talk Titles Revealed

Laracon AU 2025 Talk Titles Revealed

Stop Writing Bad Controllers: Laravel Custom Collections Transform Your Code

Handle ownership relationships between Eloquent models with Laravel Ownable

Lenovo Legion Go 2 confirmed with Ryzen Z2 Extreme, 1200p OLED 144Hz display & 74Wh battery

Lenovo Legion Go 2 confirmed with Ryzen Z2 Extreme, 1200p OLED 144Hz display & 74Wh battery

How to Open Ports in Firewall on Windows Server

Google TV Remote Not Working? 5 Quick Fixes

CVE-2025-27522 – Apache InLong Deserialization of Untrusted Data Remote Code Execution Vulnerability

Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets

Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware

Building Trust with Explainable AI: Why Transparency Is the Future of Intelligent Business🔍

Error’d: Scamproof

CVE-2025-51536 – AI OpenAtlas Hardcoded Administrator Password Vulnerability

Superhuman’s Secret Onboarding UX

CVE-2025-0086 – Android AccountManager Service Token Overwrite Vulnerability

iaito – official graphical interface for radare2

Why Startups and Enterprises Prefer to Hire Dedicated Developers in 2025

CISA Adds Three Exploited Vulnerabilities to KEV Catalog Affecting Citrix and Git

CVE-2025-27522 – Apache InLong Deserialization of Untrusted Data Remote Code Execution Vulnerability

Related Posts