CVE-2026-43825 (GCVE-0-2026-43825)

Vulnerability from cvelistv5 – Published: 2026-07-06 15:42 – Updated: 2026-07-06 19:12
VLAI
Title
Apache OpenNLP :: Core :: ML :: LibSVM: Unsafe Java Deserialization in SvmDoccatModel
Summary
Untrusted Java Deserialization in Apache OpenNLP SvmDoccatModel Versions Affected:   before 3.0.0-M4 (libsvm document categorization module; introduced in   OPENNLP-1808 and only present on the 3.x line) Description: SvmDoccatModel.deserialize(InputStream) reads an attacker-controlled stream with java.io.ObjectInputStream and calls readObject() without an ObjectInputFilter installed. ObjectInputStream materialises every class referenced in the stream before the resulting object is cast to SvmDoccatModel, so the cast that follows readObject() executes only after the foreign object graph has already been deserialised in full. If a Java deserialization gadget chain is available on the consumer's classpath, a crafted payload supplied to deserialize() executes arbitrary code in the JVM that loads it. Apache OpenNLP itself does not ship a known gadget chain, so the realistic risk is to downstream applications that embed the libsvm module alongside vulnerable transitive dependencies. The method is public and static, so any caller can pass an untrusted stream to it directly. The practical impact is remote code execution against processes that load SvmDoccatModel instances from untrusted or semi-trusted origins. Mitigation: 3.x users should upgrade to 3.0.0-M4. Users who cannot upgrade immediately should treat all serialized SvmDoccatModel streams as untrusted input unless their provenance is verified, and should avoid invoking SvmDoccatModel.deserialize() on streams supplied by end users or fetched from third-party sources without integrity checks.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-502 - Deserialization of Untrusted Data
Assigner
References
Impacted products
Credits
Subramanian S
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 7.3,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-43825",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-06T19:11:49.058504Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-06T19:12:08.131Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "org.apache.opennlp:opennlp-ml-libsvm",
          "product": "Apache OpenNLP :: Core :: ML :: LibSVM",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "3.0.0-M4",
              "status": "affected",
              "version": "3.0.0-M1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Subramanian S"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cb\u003eUntrusted Java Deserialization in Apache OpenNLP SvmDoccatModel\u003c/b\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eVersions Affected:\u003c/b\u003e\u003cbr\u003e\u0026nbsp; before 3.0.0-M4 (libsvm document categorization module; introduced in\u003cbr\u003e\u0026nbsp; OPENNLP-1808 and only present on the 3.x line)\u003cbr\u003e\u003cbr\u003e\u003cb\u003eDescription:\u003c/b\u003e\u003cbr\u003eSvmDoccatModel.deserialize(InputStream) reads an attacker-controlled\u003cbr\u003estream with java.io.ObjectInputStream and calls readObject() without an\u003cbr\u003eObjectInputFilter installed. ObjectInputStream materialises every class\u003cbr\u003ereferenced in the stream before the resulting object is cast to\u003cbr\u003eSvmDoccatModel, so the cast that follows readObject() executes only\u003cbr\u003eafter the foreign object graph has already been deserialised in full.\u003cbr\u003e\u003cbr\u003eIf a Java deserialization gadget chain is available on the consumer\u0027s\u003cbr\u003eclasspath, a crafted payload supplied to\u003cbr\u003edeserialize() executes arbitrary code in the JVM that loads it. Apache\u003cbr\u003eOpenNLP itself does not ship a known gadget chain, so the realistic\u003cbr\u003erisk is to downstream applications that embed the libsvm module\u003cbr\u003ealongside vulnerable transitive dependencies. The method is public and\u003cbr\u003estatic, so any caller can pass an untrusted stream to it directly.\u003cbr\u003e\u003cbr\u003eThe practical impact is remote code execution against processes that\u003cbr\u003eload SvmDoccatModel instances from untrusted or semi-trusted origins.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eMitigation:\u003c/b\u003e\u003cbr\u003e\u003cbr\u003e3.x users should upgrade to 3.0.0-M4.\u003cbr\u003e\u003cbr\u003eUsers who cannot upgrade immediately should treat all serialized\u003cbr\u003eSvmDoccatModel streams as untrusted input unless their provenance is\u003cbr\u003everified, and should avoid invoking SvmDoccatModel.deserialize() on\u003cbr\u003estreams supplied by end users or fetched from third-party sources\u003cbr\u003ewithout integrity checks.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "Untrusted Java Deserialization in Apache OpenNLP SvmDoccatModel\n\nVersions Affected:\n\u00a0 before 3.0.0-M4 (libsvm document categorization module; introduced in\n\u00a0 OPENNLP-1808 and only present on the 3.x line)\n\nDescription:\nSvmDoccatModel.deserialize(InputStream) reads an attacker-controlled\nstream with java.io.ObjectInputStream and calls readObject() without an\nObjectInputFilter installed. ObjectInputStream materialises every class\nreferenced in the stream before the resulting object is cast to\nSvmDoccatModel, so the cast that follows readObject() executes only\nafter the foreign object graph has already been deserialised in full.\n\nIf a Java deserialization gadget chain is available on the consumer\u0027s\nclasspath, a crafted payload supplied to\ndeserialize() executes arbitrary code in the JVM that loads it. Apache\nOpenNLP itself does not ship a known gadget chain, so the realistic\nrisk is to downstream applications that embed the libsvm module\nalongside vulnerable transitive dependencies. The method is public and\nstatic, so any caller can pass an untrusted stream to it directly.\n\nThe practical impact is remote code execution against processes that\nload SvmDoccatModel instances from untrusted or semi-trusted origins.\n\nMitigation:\n\n3.x users should upgrade to 3.0.0-M4.\n\nUsers who cannot upgrade immediately should treat all serialized\nSvmDoccatModel streams as untrusted input unless their provenance is\nverified, and should avoid invoking SvmDoccatModel.deserialize() on\nstreams supplied by end users or fetched from third-party sources\nwithout integrity checks."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-502",
              "description": "CWE-502 Deserialization of Untrusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-06T15:42:04.928Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/c7kom0pgk9cbpfnbooh5m3g85ndf50hn"
        }
      ],
      "source": {
        "defect": [
          "OPENNLP-1823"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Apache OpenNLP :: Core :: ML :: LibSVM: Unsafe Java Deserialization in SvmDoccatModel",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2026-43825",
    "datePublished": "2026-07-06T15:42:04.928Z",
    "dateReserved": "2026-05-02T08:57:20.984Z",
    "dateUpdated": "2026-07-06T19:12:08.131Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-43825\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2026-07-06T17:16:31.570\",\"lastModified\":\"2026-07-06T20:16:33.393\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Untrusted Java Deserialization in Apache OpenNLP SvmDoccatModel\\n\\nVersions Affected:\\n\u00a0 before 3.0.0-M4 (libsvm document categorization module; introduced in\\n\u00a0 OPENNLP-1808 and only present on the 3.x line)\\n\\nDescription:\\nSvmDoccatModel.deserialize(InputStream) reads an attacker-controlled\\nstream with java.io.ObjectInputStream and calls readObject() without an\\nObjectInputFilter installed. ObjectInputStream materialises every class\\nreferenced in the stream before the resulting object is cast to\\nSvmDoccatModel, so the cast that follows readObject() executes only\\nafter the foreign object graph has already been deserialised in full.\\n\\nIf a Java deserialization gadget chain is available on the consumer\u0027s\\nclasspath, a crafted payload supplied to\\ndeserialize() executes arbitrary code in the JVM that loads it. Apache\\nOpenNLP itself does not ship a known gadget chain, so the realistic\\nrisk is to downstream applications that embed the libsvm module\\nalongside vulnerable transitive dependencies. The method is public and\\nstatic, so any caller can pass an untrusted stream to it directly.\\n\\nThe practical impact is remote code execution against processes that\\nload SvmDoccatModel instances from untrusted or semi-trusted origins.\\n\\nMitigation:\\n\\n3.x users should upgrade to 3.0.0-M4.\\n\\nUsers who cannot upgrade immediately should treat all serialized\\nSvmDoccatModel streams as untrusted input unless their provenance is\\nverified, and should avoid invoking SvmDoccatModel.deserialize() on\\nstreams supplied by end users or fetched from third-party sources\\nwithout integrity checks.\"}],\"affected\":[{\"source\":\"security@apache.org\",\"affectedData\":[{\"vendor\":\"Apache Software Foundation\",\"product\":\"Apache OpenNLP :: Core :: ML :: LibSVM\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://repo.maven.apache.org/maven2\",\"packageName\":\"org.apache.opennlp:opennlp-ml-libsvm\",\"versions\":[{\"version\":\"3.0.0-M1\",\"lessThan\":\"3.0.0-M4\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":3.4}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-07-06T19:11:49.058504Z\",\"id\":\"CVE-2026-43825\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"references\":[{\"url\":\"https://lists.apache.org/thread/c7kom0pgk9cbpfnbooh5m3g85ndf50hn\",\"source\":\"security@apache.org\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…