CVE-2025-27218 Information

Description

Sitecore Experience Manager (XM) and Experience Platform (XP) 10.4 before KB1002844 allow remote code execution through insecure deserialization.

Reference

https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1003535