Jaspersoft Reports: Java Deserialization Vulnerability Lleads to Remote Code Execution (RCE)
High severity
GitHub Reviewed
Published
May 19, 2026
to the GitHub Advisory Database
•
Updated Jul 10, 2026
Description
Published by the National Vulnerability Database
May 19, 2026
Published to the GitHub Advisory Database
May 19, 2026
Reviewed
Jul 10, 2026
Last updated
Jul 10, 2026
Java Deserialisation Vulnerability in Jaspersoft Reports Library leads to Remote Code Execution (RCE), potentially allowing code execution on the affected system
References