Symantec API Gateway Deserialization RCE
CVE-2026-11815 Published on June 10, 2026
Insecure Deserialization via MITM in Layer 7 Policy Manager
An attacker who intercepts and tampers with traffic between the client application and the API Gateway server could cause arbitrary objects to be deserialized. This vulnerability could lead to broken security expectations or remote code execution.
Weakness Type
What is a Marshaling, Unmarshaling Vulnerability?
The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
CVE-2026-11815 has been classified as a Marshaling, Unmarshaling vulnerability or weakness.