CVE-2026-9645 — Exposed methods allow authenticated users to create and execute arbitrary JavaScript code on the server. The scripts execute with full access, enabling complete system compromise as commands are execu — CVE Database · The Intelligence Room