1. Critical Deserialization Flaw in Apache MINA Bypasses Security Filter, Affects Multiple Versions
A critical deserialization vulnerability has been identified in Apache MINA's core library, potentially allowing attackers to execute arbitrary code on affected systems. The flaw, tracked as CVE-2026-41635, exists in the AbstractIoBuffer.resolveClass() method, where one execution path fails to validate classes against ...