Safeguard
Tag

deserialization

Safeguard articles tagged "deserialization" — guides, analysis, and best practices for software supply chain and application security.

48 articles

Security Guides

NumPy Security Guide (2026)

NumPy is the numerical foundation of the Python data ecosystem — and while many of its CVEs are disputed, the pickle-based numpy.load deserialization risk is real and worth understanding.

Jul 2, 20266 min read
Vulnerability Analysis

ActiveMQ CVE-2023-46604 Explained: The OpenWire Deserialization RCE

CVE-2023-46604 is an unauthenticated remote code execution flaw in Apache ActiveMQ's OpenWire protocol, rated CVSS 10.0. Here is how it works, how ransomware crews weaponized it, and how to remediate.

Jul 1, 20265 min read
Security Guides

PyTorch Security Guide (2026)

PyTorch is the dominant deep-learning framework for research and production — and its torch.load remote-code-execution history makes loading a model checkpoint one of the most security-sensitive operations in modern ML.

Jul 1, 20266 min read
Security Guides

Ruby Security Best Practices: Deserialization, Injection, and the Gem Supply Chain

Rails is safe by default — until a developer reaches for YAML.load, Kernel#open, or a raw-string query. Here are the Ruby footguns and the gem hygiene that keep them closed.

Jul 1, 20266 min read
Vulnerability Management

Apache Tomcat CVE-2025-24813: a deserialization deep dive

Tomcat's partial-PUT deserialization RCE turned a session persistence feature into a remote code execution path, and the pattern is one Java middleware keeps repeating.

May 13, 20267 min read
Application Security

YAML Deserialization Attacks: The Config File That Runs Code

YAML's type system allows object instantiation during parsing. In many languages, this means a YAML file can execute arbitrary code.

Feb 18, 20264 min read
Industry Analysis

Ruby deserialization vulnerabilities: Marshal.load, YAML....

A decade of Ruby CVEs — from CVE-2013-0156 to CVE-2022-32224 — shows how Marshal.load and YAML.load turn untrusted input into remote code execution.

Feb 2, 20268 min read
Vulnerability Analysis

SonicWall SMA 1000 CVE-2025-23006 Pre-Auth RCE

CVE-2025-23006 is a pre-auth deserialization RCE in SonicWall SMA 1000. Exploit chain, detection signals, and appliance hardening.

Feb 2, 20267 min read
Industry Analysis

Erlang/OTP atom exhaustion and deserialization risks in E...

How the elixir atom exhaustion vulnerability lets attackers crash BEAM nodes via unsafe binary_to_term calls, and how Safeguard catches the pattern before it ships.

Feb 1, 20267 min read
Vulnerability Analysis

Veeam Backup CVE-2024-40711 Unauth RCE Walkthrough

CVE-2024-40711 is a critical unauth RCE in Veeam Backup & Replication. Deserialization flaw, exploit chain, and ransomware operator abuse.

Jan 21, 20267 min read
DevSecOps

Jenkins CLI Deserialization RCE via Commons-Collections G...

CVE-2015-8103: unauthenticated RCE in Jenkins CLI via a Commons-Collections deserialization gadget chain. Impact, timeline, and remediation.

Nov 26, 20259 min read
Agent Security

LangGraph CVE-2025-64439: When Agent Checkpoints Become RCE

A JsonPlusSerializer fallback in langgraph-checkpoint let attacker-controlled payloads execute arbitrary Python on deserialization. We unpack the bug, the patch, and what agent operators must change.

Nov 20, 20256 min read
deserialization (Page 3) — Safeguard Blog