[CRITICAL] CI4MS Vulnerable to Remote Code Execution (RCE) via Arbitrary File Creation and Save in File Editor

PKSA-ztv6-h3sy-m4xc CVE-2026-25510 GHSA-gp56-f67f-m4px

Affected version: <0.28.5.0

Reported by:
GitHub

[MEDIUM] CI4MS Vulnerable to User Email Enumeration via Password Reset Flow

PKSA-72bz-jm9q-1sgn CVE-2026-25509 GHSA-654x-9q7r-g966

Affected version: <0.28.5.0

Reported by:
GitHub