Mealie 1.0.0beta3 contains an arbitrary file upload vulnerability which allows malicious users to execute arbitrary code via a crafted file.
mealie project mealie 1.0.0