verl

This advisory concerns a high-severity vulnerability (CVSS 7.8) in Verl, a lesser-known vendor product. The vulnerability requires local access and user interaction to exploit, but once triggered grants an unauthenticated attacker high-impact capabilities including confidentiality breach, integrity compromise, and system availability disruption. Security teams should monitor for patches between now and the June 2026 vendor deadline and prioritize this issue for systems where untrusted users have local access.