CVE-2025-60889

Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts.

critical 9.8 CVSS 3.1

Published: Apr 28, 2026

Modified: Apr 30, 2026

Description

References

http://hpx.com
http://stellargroup.com
https://gist.github.com/TrebledJ/b32fd5c469583493ab50244045c9a6e4
https://gist.github.com/TrebledJ/b32fd5c469583493ab50244045c9a6e4

Version	3.1
Score	9.8 / 10
Severity	critical