CVE-2019-9927

Caret before 2019-02-22 allows Remote Code Execution.
Source: NIST