Akka 2.10.6 akka-cluster-metrics Java SerRCE via serialization
CVE-2025-53393 Published on June 28, 2025

In Akka through 2.10.6, akka-cluster-metrics uses Java serialization for cluster metrics.

NVD

Weakness Type

What is a Marshaling, Unmarshaling Vulnerability?

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

CVE-2025-53393 has been classified to as a Marshaling, Unmarshaling vulnerability or weakness.

Affected Versions

Akka:

Before and including 2.10.6 is affected.

Exploit Probability

EPSS

0.30%

Percentile

53.08%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Akka 2.10.6 akka-cluster-metrics Java SerRCE via serializationCVE-2025-53393 Published on June 28, 2025

Weakness Type

What is a Marshaling, Unmarshaling Vulnerability?

Affected Versions

Exploit Probability

Akka 2.10.6 akka-cluster-metrics Java SerRCE via serialization
CVE-2025-53393 Published on June 28, 2025