Deserialization Vulnerability — Unsafe Object Reconstruction Leading to Code Execution
A deserialization vulnerability occurs when untrusted data is deserialized without proper validation, potentially allowing attackers to manipulate object behavior or achieve remote code execution. This SECMONS glossary entry explains how insecure deserialization works, why it is dangerous, and how defenders should mitigate it.