### Summary The FileCatalog DatasetManager runs a query on the database and passes the result to eval. The SQL query contains an injection vulnerability which allows an authenticated user to control the parameter returned to the eval resulting in remote code execution. ### Details The FileCatalog checkDataset function passes its datasets argument directly to the backend DB handler: https://githu
Exploit
CVE-2026-61667
GHSA
Update to v8.0.79