An issue in the API wait function of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary code via supplying a crafted string.
"https://github.com/pypa/advisory-database/blob/main/vulns/ait-core/PYSEC-2026-261.yaml"