Jigang Dong

**Name of the Vulnerable Software and Affected Versions** Alarm instance management versions prior to 2.0.6 **Description** The issue is related to command injection in alarm instance management when a specific command is configured, affecting only logged-in users. **Recommendations** For versions prior to 2.0.6, upgrade to version 2.0.6 or higher to resolve the issue. As a temporary workaround, consider restricting access to the alarm instance management feature for logged-in users until the upgrade is applied.

**Name of the Vulnerable Software and Affected Versions** SoftwareX versions prior to 3.0.0 **Description** The issue arises when users add resources to the resource center with a relation path, causing path traversal issues. This problem affects only logged-in users. **Recommendations** For versions prior to 3.0.0, upgrade to version 3.0.0 or higher to resolve the issue.