OpenRefine 3.7.4 was released today and it fixes a vulnerability with moderate severity (CVE-2023-37476). We encourage all users to update swiftly to the latest version. See the release notes for more details about the vulnerability.
We thank Stefan Schiller of SonarSource for disclosing this vulnerability to us.