In an inspiring reminder that software vulnerabilities age like fine wine, Commvault’s pre-auth exploit chain has emerged as the vintage that hackers didn’t know they needed. Users have rushed to update their systems, but many sense nostalgia for a simpler time when security flaws were less ‘patchy.’

This delightful quartet of vulnerabilities, hidden snugly in Commvault versions before 11.36.60, promises a creative outlet for remote code execution enthusiasts. One CVE in particular, lovingly scored a 6.9 on the CVSS scale, lets unauthenticated attackers live out their API call fantasies without the tedious baggage of user credentials.

As Commvault releases updates to plug these historical exploits, the cybersecurity community holds a collective candlelight vigil for forgotten vulnerabilities passed over by time. Meanwhile, attackers, bereft of their pre-auth paradise, are reportedly forming support groups to mourn these latest casualties of the patching world.