Modular Max Serve has Unsafe Deserialization vulnerability
Unsafe Deserialization vulnerability in Modular Max Serve before 25.6, specifically when the "–experimental-enable-kvcache-agent" feature is used allowing attackers to execute arbitrary code.