VYPR

Satoken Deserialization

by Yohane Mashiro

CVEs (1)

  • CVE-2025-15222MedDec 30, 2025
    risk 0.33cvss 5.0epss 0.00

    A vulnerability has been found in Dromara Sa-Token up to 1.44.0. This issue affects the function ObjectInputStream.readObject of the file SaSerializerTemplateForJdkUseBase64.java. Such manipulation leads to deserialization. The attack can be executed remotely. This attack is…