Drupal has released security updates to address a vulnerability in Drupal core. It is recommended that you take the necessary precautions by ensuring your products are always updated.
https://www.drupal.org/sa-core-2019-007
The Guyana National CIRT recommends that users and administration review these updates and apply them where necessary.
Reference
https://www.us-cert.gov/ncas/current-activity/2019/05/09/Drupal-Releases-Security-Update