Hi there!
We released important security fixes a few hours ago as part of version 11.1.21, and advise to upgrade your system as soon as possible.
The underlying security issues were a set of misconfigured file permissions that, if combined with another arbitrary code execution from an app, could allow an attacker to escalate privileges.
Note for advanced users: if you tweaked your nginx conf manually, you may want to check the output of yunohost tools regen-conf nginx --dry-run --with-diff to manually propagate some of the changes, which may otherwise result in YunoHost being unable to self-diagnose or to renew Let’s Encrypt certificates