CVE-2024-10838 — An integer underflow during deserialization may allow any unauthenticated user to read out of bounds heap memory. This may result into secret data or pointers revealing the layout of the address space — CVE Database · The Intelligence Room