CVE-2015-4852CISA KEVEPSS p99.9%

CVE-2015-4852Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability

Oracle / WebLogic Server

Description

Oracle WebLogic Server contains a deserialization of untrusted data vulnerability within Apache Commons, which can allow for for remote code execution.

Scoring

EPSS96.03% probability of exploitation · percentile 99.9% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2021-11-03

(incoming)1

TypeTargetConfidenceTier
KEVEntryOracle WebLogic Server Deserialization of Untrusted Data Vulnerabilitykev-cve-2015-48520%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Oracle WebLogic Server Remote Code Execution Vulnerability
CVE
Oracle Corporation WebLogic Server Remote Code Execution Vulnerability
CVE
Oracle ADF Faces Deserialization of Untrusted Data Vulnerability
CVE
Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability
CVE
Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability
CVE
Liferay Portal Deserialization of Untrusted Data Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.