Sunnet eHRD is a talent management system from Sun Chat Technology, Taiwan, China. The system supports talent management and performance management, etc. An insecure deserialization vulnerability exists in Sunnet eHRD, which stems from the inadequate input object validation and restriction of the serialization function of Sunnet eHRD’s email sending task scheduling, and can be exploited by attackers to execute arbitrary code.