PulsePatch.io on Horizon: "`Apache Seata` is vulnerable to deserialization of untrusted data (CVE-2025-3289"

No JavaScript? That's cool, but you'll need to disable Turbo mode as it uses JavaScript in the client.

`Apache Seata` is vulnerable to deserialization of untrusted data (CVE-2025-32897), potentially leading to RCE. Users should monitor for official updates. #ApacheSeata #Deserialization #infosec pulsepatch.io/posts/cve-2025…

2:40 PM · Mar 28, 2026 · 27 Views