Enterprise Cloud Database developed by Ragic has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload malicious files and make them available for users to download.
No action is required for the cloud version; the on-premises version must be updated to the patch released on or after April 10, 2026.