Squirrelly v9.0.0 RCE (CVE-2024-40453)

RCE in Squirrelly v9.0.0 through attacker-controlled options

Pug v3.0.2 RCE (CVE-2024-36361)

How a last-minute web challenge became a CVE