CVE-2025-46183
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-24

Last updated on: 2025-10-27

Assigner: MITRE

Description
The Utils.deserialize function in pgCodeKeeper 10.12.0 processes serialized data from untrusted sources. If an attacker provides a specially crafted .ser file, deserialization may result in unintended code execution or other malicious behavior on the target system.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-24
Last Modified
2025-10-27
Generated
2026-05-07
AI Q&A
2025-10-24
EPSS Evaluated
2026-05-05
NVD
CVE-2025-46183
EUVD
EUVD-2025-35856
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
pgcodekeeper pgcodekeeper 10.12.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-502 The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the Utils.deserialize function of pgCodeKeeper 10.12.0, which processes serialized data from untrusted sources. If an attacker provides a specially crafted .ser file, the deserialization process may lead to unintended code execution or other malicious behavior on the target system.


How can this vulnerability impact me? :

The vulnerability can allow an attacker to execute arbitrary code or perform other malicious actions on the affected system by exploiting the deserialization process with a crafted .ser file, potentially compromising system integrity and security.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart