AppleInsider reports that Apple partially fixed vulnerability in macOS Big Sur allowing attackers to run arbitrary code via specially crafted email.
Vulnerability involves usage of file:// URL scheme, and currently Apple checks for it in case sensitive manner allowing attackers to use mixed cases. Proper fix is yet to come.