This blog post details one of these very unique cases: CVE-2022-44877, an unauthenticated Command Injection issue, flagged by CISA as a Known Exploited Vulnerability (CISA KEV).
Article Link: Control Web Panel - Fingerprinting Open-Source Software using a Consolidation Algorithm approach | Bitsight