Uwe Hermann | A slightly paranoid Debian developer

Everyone using Drupal should upgrade ASAP to the new Drupal 4.6.3 (or 4.5.5 if you're running 4.5.x), as a serious security vulnerability has been found in the third-party XML-RPC library Drupal ships with. I sent the security advisory to Full-Disclosure, Bugtraq and the phpsec mailing lists, so hopefully everyone will notice and upgrade.

Note: This is not the same issue as the one which was fixed earlier!

Update: Heise has more information about the issue, now.