WordPress 4.9.7 is a security and maintenance release for all versions since WordPress 3.7.

According to several security organizations monitoring WordPress security version 4.9.6 and earlier are affected by a media issue that could potentially allow a user with certain capabilities to attempt to delete files outside the uploads directory.

You should update your sites immediately, since version 4.9.7 contains fixes for this particular vulnerability.

Seventeen other bugs were fixed in WordPress 4.9.7

Of particular note are the following:

Sites that support automatic background updates are already beginning to update automatically.