CVE-2025-27218

Sitecore Experience Manager (XM) and Experience Platform (XP) 10.4 before KB1002844 allow remote code execution through insecure deserialization.

More information : https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1003535