CWE-502
AllowedDeserialization of Untrusted Data
Abstraction: Base · Status: Draft
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
4802 vulnerabilities reference this CWE, most recent first.
GHSA-QW3W-X3XF-GG83
Vulnerability from github – Published: 2025-08-28 15:30 – Updated: 2026-04-28 21:35Deserialization of Untrusted Data vulnerability in emarket-design Employee Directory – Staff Listing & Team Directory Plugin for WordPress allows Object Injection. This issue affects Employee Directory – Staff Listing & Team Directory Plugin for WordPress: from n/a through 4.5.3.
{
"affected": [],
"aliases": [
"CVE-2025-53243"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-28T13:16:02Z",
"severity": "HIGH"
},
"details": "Deserialization of Untrusted Data vulnerability in emarket-design Employee Directory \u2013 Staff Listing \u0026amp; Team Directory Plugin for WordPress allows Object Injection. This issue affects Employee Directory \u2013 Staff Listing \u0026amp; Team Directory Plugin for WordPress: from n/a through 4.5.3.",
"id": "GHSA-qw3w-x3xf-gg83",
"modified": "2026-04-28T21:35:49Z",
"published": "2025-08-28T15:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53243"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/employee-directory/vulnerability/wordpress-employee-directory-staff-listing-team-directory-plugin-for-wordpress-plugin-4-5-2-php-object-injection-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QW48-84F6-28GV
Vulnerability from github – Published: 2026-05-18 13:27 – Updated: 2026-05-18 13:27Impact
Type of vulnerability: Insecure Deserialization via Python's pickle module.
Who is impacted:
Users of Graphite graph database engine versions before 0.2 who load database files from untrusted or third-party sources.
An attacker could craft a malicious database file that executes arbitrary code when loaded by the engine. This is possible because the engine used pickle for serialization, which is known to be unsafe for untrusted data.
Patches
The vulnerability has been patched starting from version 0.2.
All users should upgrade to version 0.2 or later (the current version is 0.4 at publishing time).
In version 0.2 and above, the engine uses JSON instead of pickle for database storage, eliminating the deserialization risk.
Workarounds
If users cannot upgrade immediately:
- Do not load database files from untrusted or unknown sources when using versions <0.2.
- Migrate existing pickle-based databases to the new JSON format using the provided migration module:
from graphite.Migration import convert_pickle_to_json
convert_pickle_to_json("path/to/old_database.pkl", "path/to/new_database.json")
After migration, you can safely use the database with version 0.2+.
Note: Versions 0.2 and later will show a warning when attempting to load legacy pickle files, reminding you to migrate them. Also, you can't load pickle files in 0.2 and later.
Resources
- Upgrade to v0.2 or newer
- Migration guide: See
graphite.Migrationmodule documentation - More on pickle security: Python docs – pickle security
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "graphitedb"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-18T13:27:55Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "### Impact\n**Type of vulnerability:** Insecure Deserialization via Python\u0027s `pickle` module.\n\n**Who is impacted:** \nUsers of *Graphite graph database engine* versions **before 0.2** who load database files from untrusted or third-party sources. \nAn attacker could craft a malicious database file that executes arbitrary code when loaded by the engine. This is possible because the engine used `pickle` for serialization, which is known to be unsafe for untrusted data.\n\n### Patches\nThe vulnerability has been patched starting from **version 0.2**. \nAll users should upgrade to **version 0.2 or later** (the current version is 0.4 at publishing time). \nIn version 0.2 and above, the engine uses **JSON** instead of `pickle` for database storage, eliminating the deserialization risk.\n\n### Workarounds\nIf users cannot upgrade immediately:\n\n1. **Do not load database files from untrusted or unknown sources** when using versions \u003c0.2.\n2. **Migrate existing pickle-based databases** to the new JSON format using the provided migration module:\n\n```python\nfrom graphite.Migration import convert_pickle_to_json\nconvert_pickle_to_json(\"path/to/old_database.pkl\", \"path/to/new_database.json\")\n```\n\nAfter migration, you can safely use the database with version 0.2+.\n\n**Note:** Versions 0.2 and later will show a **warning** when attempting to load legacy pickle files, reminding you to migrate them. Also, **you can\u0027t load pickle files** in 0.2 and later.\n\n### Resources\n- Upgrade to [v0.2 or newer](https://github.com/mkh-user/graphite/releases)\n- Migration guide: See `graphite.Migration` module documentation\n- More on pickle security: [Python docs \u2013 pickle security](https://docs.python.org/3/library/pickle.html#module-pickle)",
"id": "GHSA-qw48-84f6-28gv",
"modified": "2026-05-18T13:27:56Z",
"published": "2026-05-18T13:27:55Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/mkh-user/graphite/security/advisories/GHSA-qw48-84f6-28gv"
},
{
"type": "PACKAGE",
"url": "https://github.com/mkh-user/graphite"
},
{
"type": "WEB",
"url": "https://github.com/mkh-user/graphite/releases/tag/v0.2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Graphite Has a Pickle Deserialization Vulnerability"
}
GHSA-QW4P-9PRR-VCV7
Vulnerability from github – Published: 2026-06-17 18:35 – Updated: 2026-06-17 18:35Unauthenticated PHP Object Injection in JetEngine <= 3.8.10 versions.
{
"affected": [],
"aliases": [
"CVE-2026-52706"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-17T13:20:49Z",
"severity": "CRITICAL"
},
"details": "Unauthenticated PHP Object Injection in JetEngine \u003c= 3.8.10 versions.",
"id": "GHSA-qw4p-9prr-vcv7",
"modified": "2026-06-17T18:35:52Z",
"published": "2026-06-17T18:35:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-52706"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/jet-engine/vulnerability/wordpress-jetengine-plugin-3-8-10-php-object-injection-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QW5F-8JQW-9832
Vulnerability from github – Published: 2026-05-12 18:30 – Updated: 2026-05-13 18:30The torch-checkpoint-shrink.py script in the ml-engineering project in commit 0099885db36a8f06556efe1faf552518852cb1e0 (2025-20-27) contains an insecure deserialization vulnerability (CWE-502). The script uses torch.load() to process PyTorch checkpoint files (.pt) without enabling the security-restrictive weights_only=True parameter. This oversight allows the deserialization of arbitrary Python objects via the pickle module. A remote attacker can exploit this by providing a maliciously crafted checkpoint file, leading to arbitrary code execution in the context of the user running the script.
{
"affected": [],
"aliases": [
"CVE-2026-31214"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-12T16:16:13Z",
"severity": "CRITICAL"
},
"details": "The torch-checkpoint-shrink.py script in the ml-engineering project in commit 0099885db36a8f06556efe1faf552518852cb1e0 (2025-20-27) contains an insecure deserialization vulnerability (CWE-502). The script uses torch.load() to process PyTorch checkpoint files (.pt) without enabling the security-restrictive weights_only=True parameter. This oversight allows the deserialization of arbitrary Python objects via the pickle module. A remote attacker can exploit this by providing a maliciously crafted checkpoint file, leading to arbitrary code execution in the context of the user running the script.",
"id": "GHSA-qw5f-8jqw-9832",
"modified": "2026-05-13T18:30:40Z",
"published": "2026-05-12T18:30:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31214"
},
{
"type": "WEB",
"url": "https://github.com/stas00/ml-engineering/blob/master/training/checkpoints/torch-checkpoint-shrink.py#L57"
},
{
"type": "WEB",
"url": "https://www.notion.so/CVE-2026-31214-35d1e1393188813fa40eef73c174cee5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QWGV-R6C4-XRJP
Vulnerability from github – Published: 2024-05-14 18:31 – Updated: 2024-05-14 18:31Microsoft SharePoint Server Remote Code Execution Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-30044"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-14T17:17:16Z",
"severity": "HIGH"
},
"details": "Microsoft SharePoint Server Remote Code Execution Vulnerability",
"id": "GHSA-qwgv-r6c4-xrjp",
"modified": "2024-05-14T18:31:04Z",
"published": "2024-05-14T18:31:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30044"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30044"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QWP7-W63J-VXCR
Vulnerability from github – Published: 2025-05-19 21:30 – Updated: 2026-04-01 18:35Deserialization of Untrusted Data vulnerability in Elbisnero WordPress Events Calendar Registration & Tickets allows Object Injection.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through 2.6.0.
{
"affected": [],
"aliases": [
"CVE-2025-47581"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-19T19:15:52Z",
"severity": "CRITICAL"
},
"details": "Deserialization of Untrusted Data vulnerability in Elbisnero WordPress Events Calendar Registration \u0026 Tickets allows Object Injection.This issue affects WordPress Events Calendar Registration \u0026 Tickets: from n/a through 2.6.0.",
"id": "GHSA-qwp7-w63j-vxcr",
"modified": "2026-04-01T18:35:12Z",
"published": "2025-05-19T21:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47581"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/wpeventplus/vulnerability/wordpress-wordpress-events-calendar-registration-tickets-plugin-2-6-0-php-object-injection-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QX96-XFH6-P75H
Vulnerability from github – Published: 2024-04-04 03:31 – Updated: 2026-04-08 21:32The Modal Popup Box – Popup Builder, Show Offers And News in Popup plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.5.2 via deserialization of untrusted input in the awl_modal_popup_box_shortcode function. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a PHP Object. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
{
"affected": [],
"aliases": [
"CVE-2024-2008"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-04-04T03:15:06Z",
"severity": "HIGH"
},
"details": "The Modal Popup Box \u2013 Popup Builder, Show Offers And News in Popup plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.5.2 via deserialization of untrusted input in the awl_modal_popup_box_shortcode function. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a PHP Object. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.",
"id": "GHSA-qx96-xfh6-p75h",
"modified": "2026-04-08T21:32:25Z",
"published": "2024-04-04T03:31:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2008"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/modal-popup-box/trunk/include/modal-popup-box-shortcode.php#L19"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3062572%40modal-popup-box\u0026new=3062572%40modal-popup-box\u0026sfp_email=\u0026sfph_mail="
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fca3d106-49df-49fc-a90d-e0cb26bd34b6?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QXF4-66FG-4H23
Vulnerability from github – Published: 2025-11-13 09:31 – Updated: 2025-11-13 09:31The AI Engine plugin for WordPress is vulnerable to PHP Object Injection via PHAR Deserialization in all versions up to, and including, 3.1.8 via deserialization of untrusted input in the 'rest_simpleTranscribeAudio' and 'rest_simpleVisionQuery' functions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present.
{
"affected": [],
"aliases": [
"CVE-2025-12844"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-13T08:15:49Z",
"severity": "HIGH"
},
"details": "The AI Engine plugin for WordPress is vulnerable to PHP Object Injection via PHAR Deserialization in all versions up to, and including, 3.1.8 via deserialization of untrusted input in the \u0027rest_simpleTranscribeAudio\u0027 and \u0027rest_simpleVisionQuery\u0027 functions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present.",
"id": "GHSA-qxf4-66fg-4h23",
"modified": "2025-11-13T09:31:16Z",
"published": "2025-11-13T09:31:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12844"
},
{
"type": "WEB",
"url": "https://github.com/jordymeow/ai-engine/blob/main/classes/api.php#L799"
},
{
"type": "WEB",
"url": "https://github.com/jordymeow/ai-engine/blob/main/classes/engines/chatml.php#L960-L967"
},
{
"type": "WEB",
"url": "https://github.com/jordymeow/ai-engine/blob/main/classes/modules/files.php#L237"
},
{
"type": "WEB",
"url": "https://github.com/jordymeow/ai-engine/blob/main/classes/services/image.php#L43"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset/3392052"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c39c1b72-e3e0-44fb-8fb8-602cb0aa61e3?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QXRP-VHVM-J765
Vulnerability from github – Published: 2024-11-23 03:31 – Updated: 2025-02-13 22:15Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "transformers"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.48.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-11392"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": true,
"github_reviewed_at": "2025-02-11T15:04:55Z",
"nvd_published_at": "2024-11-22T22:15:06Z",
"severity": "HIGH"
},
"details": "Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322.",
"id": "GHSA-qxrp-vhvm-j765",
"modified": "2025-02-13T22:15:58Z",
"published": "2024-11-23T03:31:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11392"
},
{
"type": "WEB",
"url": "https://github.com/huggingface/transformers/issues/34840"
},
{
"type": "WEB",
"url": "https://github.com/huggingface/transformers/pull/35296"
},
{
"type": "PACKAGE",
"url": "https://github.com/huggingface/transformers"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/transformers/PYSEC-2024-227.yaml"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1513"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Deserialization of Untrusted Data in Hugging Face Transformers"
}
GHSA-QXWX-C654-V423
Vulnerability from github – Published: 2021-12-07 00:00 – Updated: 2022-03-17 00:06An issue (4 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization behavior that is inherent to the .NET Remoting service. A malicious attacker can exploit both TCP remoting services and local IPC services on the Enterprise Vault Server. This vulnerability is mitigated by properly configuring the servers and firewall as described in the vendor's security alert for this vulnerability (VTS21-003, ZDI-CAN-14075).
{
"affected": [],
"aliases": [
"CVE-2021-44680"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-06T22:15:00Z",
"severity": "CRITICAL"
},
"details": "An issue (4 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization behavior that is inherent to the .NET Remoting service. A malicious attacker can exploit both TCP remoting services and local IPC services on the Enterprise Vault Server. This vulnerability is mitigated by properly configuring the servers and firewall as described in the vendor\u0027s security alert for this vulnerability (VTS21-003, ZDI-CAN-14075).",
"id": "GHSA-qxwx-c654-v423",
"modified": "2022-03-17T00:06:37Z",
"published": "2021-12-07T00:00:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44680"
},
{
"type": "WEB",
"url": "https://www.veritas.com/content/support/en_US/security/VTS21-003"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1590"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
If available, use the signing/sealing features of the programming language to assure that deserialized data has not been tainted. For example, a hash-based message authentication code (HMAC) could be used to ensure that data has not been modified.
Mitigation
When deserializing data, populate a new object rather than just deserializing. The result is that the data flows through safe input validation and that the functions are safe.
Mitigation
Explicitly define a final object() to prevent deserialization.
Mitigation
- Make fields transient to protect them from deserialization.
- An attempt to serialize and then deserialize a class containing transient fields will result in NULLs where the transient data should be. This is an excellent way to prevent time, environment-based, or sensitive variables from being carried over and used improperly.
Mitigation
Avoid having unnecessary types or gadgets (a sequence of instances and method invocations that can self-execute during the deserialization process, often found in libraries) available that can be leveraged for malicious ends. This limits the potential for unintended or unauthorized types and gadgets to be leveraged by the attacker. Add only acceptable classes to an allowlist. Note: new gadgets are constantly being discovered, so this alone is not a sufficient mitigation.
Mitigation
Employ cryptography of the data or code for protection. However, it's important to note that it would still be client-side security. This is risky because if the client is compromised then the security implemented on the client (the cryptography) can be bypassed.
Mitigation MIT-29
Strategy: Firewall
Use an application firewall that can detect attacks against this weakness. It can be beneficial in cases in which the code cannot be fixed (because it is controlled by a third party), as an emergency prevention measure while more comprehensive software assurance measures are applied, or to provide defense in depth [REF-1481].
CAPEC-586: Object Injection
An adversary attempts to exploit an application by injecting additional, malicious content during its processing of serialized objects. Developers leverage serialization in order to convert data or state into a static, binary format for saving to disk or transferring over a network. These objects are then deserialized when needed to recover the data/state. By injecting a malformed object into a vulnerable application, an adversary can potentially compromise the application by manipulating the deserialization process. This can result in a number of unwanted outcomes, including remote code execution.