9.4 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.7%
QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an insecure deserialization vulnerability due to insecure configuration of TypeNameHandling property in Json.NET library.
github.com/QuantConnect/Lean/issues/3537