A vulnerability classified as problematic was found in MessagePack-CSharp MessagePack for C# up to 2.5.300/3.1.6 . This vulnerability affects unknown code. Such manipulation leads to use of externally-controlled input to select classes or code. This vulnerability is listed as CVE-2026-48517 . The attack may be performed from remote. There is no available exploit. Upgrading the affected component is advised.