QwikSec

Security Database

CVE

CWE

Training

CVE-2025-27522

Published: May 28, 2025

Modified: Jan 28, 2026

PUBLISHED

Description

Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability is a secondary mining bypass for CVE-2024-26579. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/11732

Vendor	Product	Versions
Apache Software Foundation	Apache InLong	affected `1.13.0 - <= 2.1.0`

Weaknesses (CWE)

References

https://lists.apache.org/thread/s4dnmq3gwcjocxf85qk190knlzd26jby

vendor-advisory

https://github.com/apache/inlong/pull/11732

patch

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.