CVEs affecting projects tracked on Release Alert, from NVD & OSV.
A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode.