Hertzbeat < 1.6.0 - Authenticated Remote Code Execution via Unsafe Deserialization in Monitor Import
Hertzbeat is an open source, real-time monitoring system. Hertzbeat has an authenticated (user role) RCE via unsafe deserialization in /api/monitors/import. This vulnerability is fixed in 1.6.0.