1. CLI Tool Patches Critical RCE Flaw: Config File Import Could Trigger Arbitrary Code Execution
A high-severity remote code execution vulnerability has been identified and remediated in a command-line interface tool's quick commands handler. The flaw, rated CVSS 7.8, stemmed from the direct use of `subprocess.run()` with `shell=True` on commands parsed from user-supplied configuration files, creating a direct pat...