PT-2026-43178 · Bitsery · Bitsery

·

CVE-2026-9521

·

Published

2026-05-26

·

Updated

2026-05-26

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions fraillt bitsery versions prior to 5.2.5
Description Improper validation of the specified type of input occurs within the loadFromSharedState() function located in the include/bitsery/ext/std smart ptr.h library. This issue allows for a remote attack.
Recommendations Update to version 5.2.5. As a temporary workaround, restrict the use of the loadFromSharedState() function until the update is applied.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-9521

Affected Products

Bitsery