CVE Daily

CVE-2025-28961

Deserialization of Untrusted Data vulnerability in Md Yeasin Ul Haider URL Short...

Critical CVSS 9.8

Overview

Deserialization of Untrusted Data vulnerability in Md Yeasin Ul Haider URL Shortener allows Object Injection. This issue affects URL Shortener: from n/a through 3.0.7.

CWE: CWE-502 Published: 2025-07-16T12:15:24.097
Risk analysis

This vulnerability is rated 🔴 CRITICAL.

  • CVSS: 9.8 (CRITICAL)
  • Detected tags: deserialization (tag impact: MODERATE)

Recommended actions:

  • Avoid untrusted deserialization; prefer safe formats (JSON) and signatures.

Recommended tools

Tags