A new Debian Linux update has been published: DSA 5260-1: lava security update
A lava security update has been released for Debian GNU/Linux 11 to address an issue where exec() is used on input passed to the server component.Read more @ Linux Compatible