S1Mi4

**Name of the Vulnerable Software and Affected Versions** vesoft NebulaGraph versions through 3.8.0 **Description** An issue was discovered in vesoft NebulaGraph that allows bypassing authentication. **Recommendations** For vesoft NebulaGraph versions through 3.8.0, update to a version later than 3.8.0 to resolve the issue. At the moment, there is no information about additional mitigation measures for this issue.

**Name of the Vulnerable Software and Affected Versions** vesoft NebulaGraph versions through 3.8.0 **Description** An issue was discovered in vesoft NebulaGraph that allows shell command injection. **Recommendations** For versions through 3.8.0, update to a version later than 3.8.0 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.