CVE-2026-4564 | yangzongzhuan RuoYi up to 4.8.2 Quartz Job /monitor/job/ invokeTarget code injection

A vulnerability was found in yangzongzhuan RuoYi up to 4.8.2. It has been declared as critical. This issue affects some unknown processing of the file /monitor/job/ of the component Quartz Job Handler. Such manipulation of the argument invokeTarget leads to code injection.

This vulnerability is referenced as CVE-2026-4564. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-4564 | yangzongzhuan RuoYi up to 4.8.2 Quartz Job /monitor/job/ invokeTarget code injection

Post correlati

CVE-2024-5743 | EveHome Eve Play up to 1.1.42 weak password hash

CVE-2026-26208 | Alex4SSB ADB-Explorer up to Beta 0.9.26019 JSON File Parser Newtonsoft.Json deserialization (ID 294)

CVE-2024-31078 | OpenHarmony up to 4.0.0 Service null pointer dereference

CVE-2024-46798 | Linux Kernel up to 6.10.9 snd_pcm_suspend_all use after free