Deserialization in Qos.ch Sarl Logback
CVE-2026-10532
Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core (HardenedObjectInputStream (logback-core) modules) allows Object Injection, albeit heavily restricted. More precisely, an attacker able to influence seria…
Vulnerability class: Insecure Deserialization
EPSS: 0.001 (24.8th percentile) — read the EPSS interpretation.
Affected products
- Qos.ch Sarl Logback — versions 0, 1.5.34