graphql-upload is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of file name via the `upload` function.Read More