Control: severity -1 importantA malicious Gradle build file executes arbitrary code and can trivially cause harm to the system, with completion enabled or not. I'm downgrading the severity because gradle-completion doesn't deserve to be removed, the blame is on the user fetching and building an untrusted project.
- Bug#1126696: gradle-completion: CVE-2026-25063 Salvatore Bonaccorso
- Bug#1126696: gradle-completion: CVE-2026-25063 Emmanuel Bourg
