Deserialization Vulnerability in AD-Security AD_Miner Affects Cache Handler Functionality
CVE-2026-14723

4.8MEDIUM

Key Information:

Status
Vendor
CVE Published:
5 July 2026

What is CVE-2026-14723?

A vulnerability has been identified in AD-Security's AD_Miner version 1.9.0, specifically within the request_a function located in the analyse_cache.py file. This issue arises from improper handling of the sys.argv[1] argument in the cache handler, leading to unsafe deserialization. The vulnerability allows attackers to execute malicious code locally by manipulating the input parameters. The development team has submitted a pull request for a fix, which is currently pending acceptance.

Affected Version(s)

AD_Miner 1.9.0

References

CVSS V4

Score:
4.8
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Dem00000 (VulDB User)
VulDB CNA Team
.