FeedVulnerabilityQinglong Task Scheduler RCE Vulnerabilities Exploited in the...
VulnerabilityCyber Security News
9.0CRITICAL

Qinglong Task Scheduler RCE Vulnerabilities Exploited in the Wild

📅 30 April 2026 at 08:18 UTC📰 Cyber Security NewsView original source ↗
Qinglong Task Scheduler RCE Vulnerabilities Exploited in the Wild

In early 2026, two critical authentication bypass vulnerabilities in the popular open-source Qinglong task scheduler were actively exploited by hackers. According to Snyk security reports, unauthenticated attackers breached publicly accessible panels, achieving remote code execution to install a hidden, resource-draining cryptominer named .fullgc. Qinglong is a self-hosted task scheduling dashboard that supports multiple scripting languages, including […] The post Qinglong Task Scheduler RCE Vulnerabilities Exploited in the Wild appeared first on Cyber Security News.

🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview

Two critical authentication bypass vulnerabilities in the Qinglong task scheduler were exploited by hackers, allowing unauthenticated attackers to breach publicly accessible panels and install a cryptominer, resulting in remote code execution.

⚙️Technical Details
Affected Systems
Qinglong task scheduler
Attack Vectors
unauthenticated authentication bypass
💥Impact Assessment
Severity: critical
Who Is at Risk
users of publicly accessible Qinglong task scheduler panels
🛡️Recommended Actions
1Implement strict access controls for Qinglong task scheduler panels
2Regularly update and patch Qinglong task scheduler to prevent exploitation
3Monitor system logs for suspicious activity related to Qinglong task scheduler
📦Affected Products
Qinglong task scheduler

Read the full article

This is a curated summary. The complete article is available at Cyber Security News.

Read on Cyber Security News
← Back to feed