CVE Daily

CVE-2025-54686

Deserialization of Untrusted Data vulnerability in scriptsbundle Exertio allows ...

Critical CVSS 9.8

Overview

Deserialization of Untrusted Data vulnerability in scriptsbundle Exertio allows Object Injection. This issue affects Exertio: from n/a through 1.3.2.

CWE: CWE-502 Published: 2025-08-14T11:15:48.210
Risk analysis

This vulnerability is rated 🔴 CRITICAL.

  • CVSS: 9.8 (CRITICAL)
  • Detected tags: deserialization (tag impact: MODERATE)

Recommended actions:

  • Avoid untrusted deserialization; prefer safe formats (JSON) and signatures.

Recommended tools

Tags