Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.1
Quartz Job Handler in RuoYi up to 4.8.2 Can Let Hackers Inject Code Remotely
CVE-2026-4564
Summary
A security issue in RuoYi's Quartz Job Handler can allow hackers to inject malicious code into the system, potentially allowing them to take control of your website or server. This means that a hacker could potentially access sensitive information or disrupt your operations. To protect your system, update RuoYi to a version newer than 4.8.2.
Original title
A security vulnerability has been detected in yangzongzhuan RuoYi up to 4.8.2. This issue affects some unknown processing of the file /monitor/job/ of the component Quartz Job Handler. Such manipul...
Original description
A security vulnerability has been detected in yangzongzhuan RuoYi up to 4.8.2. This issue affects some unknown processing of the file /monitor/job/ of the component Quartz Job Handler. Such manipulation of the argument invokeTarget leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
nvd CVSS2.0
5.8
nvd CVSS3.1
4.7
nvd CVSS4.0
5.1
Vulnerability type
CWE-74
Injection
CWE-94
Code Injection
Published: 23 Mar 2026 · Updated: 23 Mar 2026 · First seen: 23 Mar 2026