_best_ — Jul-448

The name “JUL‑448” follows the internal ticketing scheme of the Julius development team: for Julius and 448 for the sequential issue number. The bug was originally logged as a “low‑severity input validation issue” back in October 2023 , but it was later re‑rated to Critical (CVSS 9.8) after the PoC demonstrated remote code execution without authentication.