CVEs affecting projects tracked on Release Alert, from NVD & OSV.
An improper validation of user-supplied input leads to a local file inclusion vulnerability.