phy-deserialization-audit Static scanner for OWASP A08:2021 — Insecure Deserialization vulnerabilities across Python, Java, PHP, Ruby, Node.js/TypeScript, and Go codebases. No API keys, no network calls, no dependencies beyond Python 3 stdlib. What It Detects Python | Pattern | Severity | CVE/CWE | |---------|----------|---------| | | CRITICAL | CWE-502 | | | CRITICAL | CWE-502 | | without SafeLoader | HIGH | CVE-2017-18342 | | / | CRITICAL | CVE-2017-18342 | | | CRITICAL | CWE-502 | | | HIGH | CWE-502 | | / | CRITICAL | CWE-95 | | | HIGH | CWE-502 | Java | Pattern | Severity | CVE/CWE | |---…