CVE-2025-60229
CriticalCVSS 9.8Summary
CVE-2025-60229 is a vulnerability related to the deserialization of untrusted data in Themeton Lagom, allowing for object injection. This issue affects Lagom versions from n/a through 2.0.
Risk Assessment
Exploitation of this vulnerability may lead to unauthorized access to the system and potential takeover of the application. Organizations should be aware of the risks associated with object injection.
Recommendation
It is recommended to upgrade to the latest version of Lagom that addresses this vulnerability. A code audit should also be conducted to identify and secure areas where deserialization of untrusted data may occur.
Original NVD description (English source)
Deserialization of Untrusted Data vulnerability in Themeton Lagom allows Object Injection. This issue affects Lagom: from n/a through 2.0.

