Coastal

**Name of the Vulnerable Software and Affected Versions** Covenant versions 0.1.3 through 0.5 **Description** The software contains a remote code execution issue that allows attackers to create malicious JWT tokens with administrative privileges. Attackers can generate forged tokens with admin roles and upload custom DLL payloads to execute arbitrary commands on the target system. The vulnerability involves crafting JWT tokens to gain unauthorized access and execute code. **Recommendations** Update to a newer version that addresses this issue.