This has been found by Qualys Research Threat Team detailed here: https://www.qualys.com/regresshion-cve-2024-6387/
This affects versions from 8.5p1 up to 9.7p1 but does not include 9.8p1 and allows remote code execution.