Apache HertzBeat — Vulnerabilities & Security Advisories 6

All 6 CVE vulnerabilities found in Apache HertzBeat, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-24343	Apache HertzBeat: Uncontrolled Resource Consumption via Crafted XPath Expressions CWE-643	9.4^AI	Critical^AI	2026-02-10
CVE-2024-56736	Apache HertzBeat: Server-Side Request Forgery (SSRF) in Api Config Oss CWE-918	9.1^AI	Critical^AI	2025-04-16
CVE-2024-41151	Apache HertzBeat: RCE by notice template injection vulnerability CWE-502	8.8^AI	High^AI	2024-11-18
CVE-2024-45791	Apache HertzBeat: Exposure sensitive token via http GET method with query string CWE-200	7.5^AI	High^AI	2024-11-18
CVE-2024-45505	Apache HertzBeat: Exists Native Deser RCE and file writing vulnerabilities CWE-77	8.8^AI	High^AI	2024-11-18
CVE-2024-42323	Apache HertzBeat: RCE by snakeYaml deser load malicious xml CWE-502	8.8	-	2024-09-21

All 6 known CVE vulnerabilities affecting Apache HertzBeat with full Chinese analysis, references, and POCs where available.