Valenti Software Allows Hackers to Inject Malicious Code

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.8

Valenti Software Allows Hackers to Inject Malicious Code

CVE-2026-23544

Summary

A security flaw in Valenti software allows hackers to inject malicious code by manipulating data. This can lead to unauthorized access to sensitive information and system compromise. Update to Valenti version 5.6.3.6 or later to fix this issue.

Original title

Deserialization of Untrusted Data vulnerability in codetipi Valenti valenti allows Object Injection.This issue affects Valenti: from n/a through <= 5.6.3.5.

Original description

Deserialization of Untrusted Data vulnerability in codetipi Valenti valenti allows Object Injection.This issue affects Valenti: from n/a through <= 5.6.3.5.

nvd CVSS3.1 8.8

Vulnerability type

CWE-502 Deserialization of Untrusted Data

https://patchstack.com/database/Wordpress/Theme/valenti/vulnerability/wordpress-...

Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026