CVE-2026-11569 — A flaw was found in Quay. The filedrop endpoint accepts any mime type without validation, allowing an authenticated user with repository write access to upload a malicious SVG file containing JavaScri — CVE Database · The Intelligence Room