PT-2026-45559
Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generate image function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplet...