Company:
Date Published:
Author: Mac Chaffee
Word count: 335
Language: English
Hacker News points: None

Summary

A security vulnerability identified as CVE-2024-3829 has been discovered in Qdrant versions prior to v1.9. It allows attackers to upload arbitrary files to the filesystem, potentially enabling remote code execution. This vulnerability is distinct from, but similar to, a previous issue, CVE-2024-2221. However, Qdrant Cloud deployments are largely unaffected due to their read-only filesystem and default authentication settings. The risk mainly involves an authenticated user crashing a cluster by overloading it with data. Qdrant has released a fix in v1.9.0 and above, which restricts file uploads to a designated folder. Users are advised to check their current Qdrant version and upgrade to at least v1.9.0, following the specific instructions for their deployment method: container, binary, or Kubernetes Helm chart. No immediate action is needed for Qdrant Cloud users, although upgrading to the latest version is recommended.