https://hackingpassion.com/tags/deserialization/Recent content in Deserialization on HackingPassion.com : root@HackingPassion.com-[~]HugoenSat, 25 Apr 2026 11:10:39 +0200https://hackingpassion.com/bing-rce-cve-2026-33819/Sat, 25 Apr 2026 11:10:39 +0200https://hackingpassion.com/bing-rce-cve-2026-33819/<p><strong>Bing had a CVSS 10.0 vulnerability</strong> in its backend infrastructure, the same infrastructure that powers Edge, Windows Search, and Copilot integrations across Microsoft&rsquo;s ecosystem. Microsoft fixed it on March 10 without saying a word publicly. The CVE showed up six weeks later, on April 23. Nobody outside the company knew this had been sitting in the infrastructure that hundreds of millions of people use every day.</p> <p>The CVE number is <strong>2026-33819</strong>. The vulnerability class is <strong>deserialization of untrusted data</strong>, and the idea behind it is simpler than it sounds.</p>