The relevant CVE is here: https://nvd.nist.gov/vuln/detail/CVE-2025-14847, with a CVSS of 8.7.

Somehow I accidentally didn't paste the url into the form, so I posted it again here: https://news.ycombinator.com/item?id=46378939

If a moderator could merge these, I'd greatly appreciate it!