Zhilink ADP AP 1.0.0 Deserialization via testConnection jdbcUrl
CVE-2026-12787 Published on June 21, 2026
zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 testConnection Endpoint deserialization
A vulnerability was found in zhilink () ADP Application Developer Platform 1.0.0. This affects an unknown part of the component testConnection Endpoint. The manipulation of the argument jdbcUrl results in deserialization. The attack may be performed from remote. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Timeline
Advisory disclosed
VulDB entry created
VulDB entry last update
Weakness Types
What is a Marshaling, Unmarshaling Vulnerability?
The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
CVE-2026-12787 has been classified to as a Marshaling, Unmarshaling vulnerability or weakness.
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Products Associated with CVE-2026-12787
Want to know whenever a new CVE is published for Zhilink Adp Application Developer Platform? stack.watch will email you.
