All 4 CVE vulnerabilities found in Zhiyou ERP, with AI-generated Chinese analysis, references, and POCs.
Vendor: Bjskzy
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-1218 | Bjskzy Zhiyou ERP com.artery.richclient.RichClientService RichClientService.class initRCForm xml external entity reference CWE-611 | 6.3 | Medium | 2026-01-20 |
| CVE-2025-11140 | Bjskzy Zhiyou ERP com.artery.richclient.RichClientService openForm xml external entity reference CWE-611 | 7.3 | High | 2025-09-29 |
| CVE-2025-11139 | Bjskzy Zhiyou ERP com.artery.form.services.FormStudioUpdater uploadStudioFile path traversal CWE-22 | 6.3 | Medium | 2025-09-29 |
| CVE-2025-9391 | Bjskzy Zhiyou ERP com.artery.workflow.ServiceImpl getFieldValue sql injection CWE-89 | 6.3 | Medium | 2025-08-24 |
All 4 known CVE vulnerabilities affecting Zhiyou ERP with full Chinese analysis, references, and POCs where available.