W8Ay

**Name of the Vulnerable Software and Affected Versions** melMass comfy mtb versions up to 0.1.4 **Description** A critical vulnerability was found in the Dependency Handler component, specifically in the `run command` function of the file `comfy mtb/endpoint.py`. This vulnerability leads to code injection and can be exploited remotely. The exploit has been disclosed to the public. **Recommendations** For melMass comfy mtb versions up to 0.1.4, apply the patch named d6e004cce2c32f8e48b868e66b89f82da4887dc3 to fix this issue. As a temporary workaround, consider disabling the `run command` function until the patch is applied. Restrict access to the vulnerable `comfy mtb/endpoint.py` file to minimize the risk of exploitation.