CVE-2026-10532 | QOS logback up to 1.5.33 HardenedObjectInputStream deserialization

A vulnerability marked as problematic has been reported in QOS logback up to 1.5.33. The affected element is an unknown function of the component HardenedObjectInputStream. The manipulation leads to deserialization.

This vulnerability is uniquely identified as CVE-2026-10532. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More