Skip to main content

COSMICBYTEZLABS

News Security HOWTOs Tools Training

Study Projects Newsletter Hire Me About

Press Enter to search or Esc to close

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.

COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1371+ Articles

150+ Guides

CONTENT

Latest News
Security Alerts
HOWTOs
Checklists
Projects
Exam Prep

RESOURCES

Search
Browse Tags
Newsletter Archive
Reading List
RSS Feed

COMPANY

About Us
Contact
Privacy Policy
Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational

5 articles

#CWE-502

All CosmicBytez Labs articles tagged #CWE-502, across news, security advisories, how-to guides, and projects.

SecurityJun 6, 2026
CVE-2026-7654: PHP Object Injection RCE in WordPress Admin Columns Plugin (≤ 7.0.18)
A high-severity PHP Object Injection vulnerability in the Admin Columns WordPress plugin (versions up to 7.0.18) allows authenticated attackers to achieve…
SecurityMay 22, 2026
CVE-2026-48207: Apache Fury PyFury Deserialization RCE
A critical deserialization vulnerability in Apache Fury's Python library PyFury allows attackers to bypass DeserializationPolicy validation hooks via the...
SecurityMay 19, 2026
CVE-2026-7301: SGLang ROUTER Socket Exposes Unsafe
A critical CVSS 9.8 vulnerability in SGLang's multimodal AI runtime scheduler binds its ROUTER socket to 0.0.0.0 by default and passes incoming messages...
SecurityMar 19, 2026
CVE-2026-25449: Critical Object Injection in Shinetheme
A CVSS 9.8 deserialization vulnerability in the Shinetheme Traveler WordPress plugin allows unauthenticated remote attackers to inject arbitrary PHP...
SecurityMar 18, 2026
CVE-2026-25769: Wazuh Critical RCE via Insecure
A critical remote code execution vulnerability (CVSS 9.1) in Wazuh versions 4.0.0–4.14.2 allows an attacker with access to a worker node to achieve root...