GHSA-3m86-c9x3-vwm9: Graylog vulnerable to privilege escalation through API tokens

GHSA-3q26-f695-pp76: @cyanheads/git-mcp-server vulnerable to command injection in several tools

Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.

**MLflow Path Traversal Vulnerability**

High severity GitHub Reviewed Published Dec 20, 2023 to the GitHub Advisory Database • Updated Dec 20, 2023