CVE-2025-27528 – Apache InLong Deserialization of Untrusted Data Remote File Read Vulnerability

May 28, 2025

CVE ID : CVE-2025-27528

Published : May 28, 2025, 8:15 a.m. | 1 hour, 10 minutes ago

Description : Deserialization of Untrusted Data vulnerability in Apache InLong.

This issue affects Apache InLong: from 1.13.0 through 2.1.0.

This
vulnerability allows attackers to bypass the security mechanisms of InLong
JDBC and leads to arbitrary file reading. Users are advised to upgrade to Apache InLong’s 2.2.0 or cherry-pick [1] to solve it.

[1] https://github.com/apache/inlong/pull/11747

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47295 – Fortinet FortiOS Buffer Over-Read Vulnerability

Next Article CVE-2025-27526 – Apache InLong Deserialization of Untrusted Data JDBC Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

How Red Hat just quietly, radically transformed enterprise server Linux

OpenAI wants ChatGPT to be your ‘super assistant’ – what that means

The best Linux VPNs of 2025: Expert tested and reviewed

One of my favorite gaming PCs is 60% off right now

`document.currentScript` is more useful than I thought.

`document.currentScript` is more useful than I thought.

Adobe Sensei and GenAI in Practice for Enterprise CMS

Over The Air Updates for React Native Apps

You can now open ChatGPT on Windows 11 with Win+C (if you change the Settings)

You can now open ChatGPT on Windows 11 with Win+C (if you change the Settings)

Microsoft says Copilot can use location to change Outlook’s UI on Android

TempoMail — Command Line Temporary Email in Linux

CVE-2025-27528 – Apache InLong Deserialization of Untrusted Data Remote File Read Vulnerability

Chrome Zero-Day Alert: CVE-2025-5419 Actively Exploited in the Wild

CISA Adds 5 Actively Exploited Vulnerabilities to KEV Catalog: ASUS Routers, Craft CMS, and ConnectWise Targeted

GTA 5 is coming back to Xbox Game Pass apparently, this time with PC and Cloud in tow

CHASE: A Query Engine that is Natively Designed to Support Efficient Hybrid Queries on Structured and Unstructured Data

CVE-2025-47774 – Vyper Uninitialized Side Effect Elision in Slice Builtin

VCHAR: A Novel Artificial Intelligence AI Framework that Treats the Outputs of Atomic Activities as a Distribution Over Specified Intervals

How to use AI to create a logo for free

Ransomware Group LockBit Claims Responsibility for Cannes Hospital Cyberattack

Test Out Search Like Never Before: Introducing Search Demo Builder

Community News: Latest PEAR Releases (12.23.2024)

CVE-2025-27528 – Apache InLong Deserialization of Untrusted Data Remote File Read Vulnerability

Related Posts