CVE-2025-13805 | nutzam NutzBoot up to 2.6.0-SNAPSHOT LiteRpc-Serializer HttpServletRpcEndpoint.java getInputStream deserialization

A vulnerability described as problematic has been identified in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This affects the function getInputStream of the file nutzcloud/nutzcloud-literpc/src/main/java/org/nutz/boot/starter/literpc/impl/endpoint/http/HttpServletRpcEndpoint.java of the component LiteRpc-Serializer. Executing manipulation can lead to deserialization.

The identification of this vulnerability is CVE-2025-13805. The attack may be launched remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More