Security Advisories (January 2026) - CVE-2025-57792 - Unauthenticated SQL injection vulnerability that could have allowed remote attackers to access or manipulate application data. - Resolved: Patch released on 2025-05-06. - CVE-2025-57793 - Unauthenticated SQL injection issue with potential exposure of sensitive configuration data. - Resolved: Patch released on 2025-05-06. - CVE-2025-57794 - Authenticated unrestricted file upload vulnerability that could have enabled a privileged user to execute arbitrary code. - Resolved: Patch released on 2025-09-30. - CVE-2025-57795 - Authenticated remote file download issue that could have led to remote code execution under specific conditions. - Resolved: Patch released on 2025-09-30. - CVE-2025-57796 - Reversible encryption issue using a static key that could have allowed database-level attackers to decrypt stored credentials. - Resolved: Patch released on 2025-09-30.