A deserialization issue discovered in inikulin replicator before 1.0.4 allows remote attackers to run arbitrary code via the fromSerializable function in TypedArray object.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.3%