Shunfeng Cai

**Name of the Vulnerable Software and Affected Versions** SoftwareX versions prior to 2.0.6 **Description** When using tasks to read config files, there is a risk of database password disclosure. **Recommendations** For versions prior to 2.0.6, upgrade to version 2.0.6 or higher.

**Name of the Vulnerable Software and Affected Versions** Apache DolphinScheduler versions prior to 2.0.6 **Description** The issue allows users to read any files by logging into the server. Apache DolphinScheduler users are advised to take action to protect themselves. **Recommendations** For versions prior to 2.0.6, upgrade to version 2.0.6 or higher.