Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Jinher — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting Jinher. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Jinher develops enterprise software solutions, primarily focusing on office automation and digital government platforms. Historically, their products have been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues. The company's security posture has been marked by inconsistent patch management, with several critical vulnerabilities remaining unaddressed for extended periods. Notable incidents include a 2021 vulnerability assessment that identified over a dozen CVEs, many allowing complete system compromise. Security researchers have frequently criticized the slow response times to reported vulnerabilities, leaving enterprise deployments at elevated risk despite the software's widespread adoption in public sector environments.

Top products by Jinher: OA OA C6
CVE IDTitleCVSSSeverityPublished
CVE-2026-7670 Jinher OA UserSel.aspx sql injection — OACWE-89 7.3 High2026-05-02
CVE-2026-2963 Jinher OA C6 OfficeSupplyTypeRight.aspx sql injection — OA C6CWE-89 6.3 Medium2026-02-23
CVE-2025-11341 Jinher OA type xml external entity reference — OACWE-611 7.3 High2025-10-06
CVE-2025-11035 Jinher OA text xml external entity reference — OACWE-611 6.3 Medium2025-09-26
CVE-2025-10816 Jinher OA XML text xml external entity reference — OACWE-611 7.3 High2025-09-22
CVE-2025-10092 Jinher OA XML Type xml external entity reference — OACWE-611 7.3 High2025-09-08
CVE-2025-10091 Jinher OA XML Type xml external entity reference — OACWE-611 7.3 High2025-09-08
CVE-2025-10090 Jinher OA GetTreeDate.aspx sql injection — OACWE-89 7.3 High2025-09-08
CVE-2025-9931 Jinher OA POST Request login!changePassWord.action cross site scripting — OACWE-79 4.3 Medium2025-09-03
CVE-2025-9669 Jinher OA GetTreeDate.aspx sql injection — OACWE-89 7.3 High2025-08-29
CVE-2025-7824 Jinher OA XmlHttp.aspx xml external entity reference — OACWE-611 7.3 High2025-07-19
CVE-2025-7823 Jinher OA ProjectScheduleDelete.aspx xml external entity reference — OACWE-611 7.3 High2025-07-19
CVE-2025-7523 Jinher OA DelTemp.aspx xml external entity reference — OACWE-611 7.3 High2025-07-13
CVE-2025-2587 Jinher OA C6 IncentivePlanFulfillAppprove.aspx sql injection — OA C6CWE-89 6.3 Medium2025-03-21

This page lists every published CVE security advisory associated with Jinher. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.