New Deserialization Vulnerability Identified in Sitecore

On March 6, Searchlight Cyber published a blog detailing a new deserialization vulnerability in Sitecore, a digital content management platform written in .Net. This vulnerability, identified as CVE-2025-27218, affects systems using Sitecore, which are often sold by Sitecore partners. Sitecore facilitates web content management and offers attractive features for marketing professionals.