1. F1085: Critical OS Command Injection Vulnerability in workspace-server Enables Volume Escape via Path Traversal
A serious OS command injection flaw has been identified and patched in workspace-server, potentially allowing malicious actors to delete files outside the intended `/configs` volume directory. The vulnerability, designated F1085 and classified as CWE-78, stems from how the `deleteViaEphemeral` function constructs shell...