Tomsun28

**Name of the Vulnerable Software and Affected Versions** Hertzbeat versions prior to 1.6.0 **Description** Hertzbeat is an open source, real-time monitoring system. It has an authenticated Remote Code Execution (RCE) vulnerability via unsafe deserialization in the "/api/monitors/import" API endpoint. **Recommendations** For versions prior to 1.6.0, update to version 1.6.0 to resolve the issue. As a temporary workaround, consider restricting access to the "/api/monitors/import" API endpoint until the update is applied.