Latest CVE Feed

CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable

Score

Vulnerability

Published

9.8 CRITICAL

CVE-2026-48207 — Apache Fory: PyFory ReduceSerializer Incomplete Policy Enforcement

Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could bypass documented DeserializationPolicy validation hooks during reduce-state restoration and global-name resol…

fory | Remote | Injection

May 21, 2026 May 22, 2026

May 21, 2026

May 22, 2026

Showing 20 of 7521 Results

Browse by Apps

Latest CVE Feed

Cookie Preferences