CVE-2025-27522 – Apache InLong Deserialization of Untrusted Data Remote Code Execution Vulnerability

May 28, 2025

CVE ID : CVE-2025-27522

Published : May 28, 2025, 8:15 a.m. | 1 hour, 10 minutes ago

Description : Deserialization of Untrusted Data vulnerability in Apache InLong.

This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability is a secondary mining bypass for CVE-2024-26579. Users are advised to upgrade to Apache InLong’s 2.2.0 or cherry-pick [1] to solve it.

[1]

https://github.com/apache/inlong/pull/11732

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-27526 – Apache InLong Deserialization of Untrusted Data JDBC Vulnerability

Next Article CVE-2025-25251 – FortiClient Mac Incorrect Authorization Privilege Escalation Vulnerability

Report: 71% of tech leaders won’t hire devs without AI skills

Slack’s AI search now works across an organization’s entire knowledge base

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Too many open browser tabs? This is still my favorite solution – and has been for years

This new browser won’t monetize your every move – how to try it

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

Reclaim Space: Delete Docker Orphan Layers

Reclaim Space: Delete Docker Orphan Layers

The details of TC39’s last meeting

Notes Android App Using SQLite

KeySmith – SSH key management

KeySmith – SSH key management

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

CVE-2025-27522 – Apache InLong Deserialization of Untrusted Data Remote Code Execution Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

Securing Agentic AI: How to Protect the Invisible Identity Access

Master Image Processing in Node.js Using Sharp for Fast Web Apps

CVE-2025-49847 – LLama Buffer Overflow Vulnerability

Databricks adds new tools like Lakebase, Lakeflow Designer, and Agent Bricks to better support building AI apps and agents in the enterprise

CVE Program rescued at the last minute after concerns over losing its government funding

CVE-2025-39240 – Hikvision Wireless Access Point Authenticated Remote Command Execution Vulnerability

CVE-2025-23173 – Versa Networks Versa Director Websockify Remote Code Execution Vulnerability

Cisco Unified Intelligence Center Vulnerability Allows Remote Attackers to Upload Arbitrary Files

CVE-2025-27522 – Apache InLong Deserialization of Untrusted Data Remote Code Execution Vulnerability

Related Posts