A major security fixed (RCE) has been released for Twig. While the core isn't affected (because there is no way to define Twig template from the board) some extension may be.