PT-2026-23207 · Axiomthemes · Estate
Tran Nguyen Bao Khanh
·
Published
2026-03-05
·
Updated
2026-03-08
·
CVE-2026-22475
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
axiomthemes Estate versions n/a through 1.3.4
Description
The Estate software contains a flaw due to deserialization of untrusted data, which can lead to object injection. This issue impacts the software’s ability to securely handle incoming data, potentially allowing an attacker to manipulate the system.
Recommendations
Versions prior to 1.3.4 should be updated.
Fix
Deserialization of Untrusted Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Estate