A major security hole has been found in TWiki which allows anyone with access to the search function to execute arbitrary shell commands with the privilages of the web-server process. Anyone running TWiki should read here and upgrade and/or take countermeasures immediately.