EUVD-2026-6097

🗓️ 16 Feb 2026 12:30:25Reported by EUVDType

Pretix email placeholders leak data and render twice; rotate credentials in pretix.cfg.

Reporter	Title	Published	Views	Family All 15
ATTACKERKB	CVE-2026-2415	16 Feb 202610:15	–	attackerkb
CNNVD	pretix 安全漏洞	16 Feb 202600:00	–	cnnvd
CVE	CVE-2026-2415	16 Feb 202610:15	–	cve
Cvelist	CVE-2026-2415 Unsafe variable evaluation in email templates	16 Feb 202610:15	–	cvelist
Github Security Blog	pretix unsafely evaluates variables in emails	16 Feb 202612:30	–	github
NVD	CVE-2026-2415	16 Feb 202611:15	–	nvd
OSV	GHSA-R8P8-QW9W-J9QV pretix unsafely evaluates variables in emails	16 Feb 202612:30	–	osv
OSV	PYSEC-2026-110	16 Feb 202611:15	–	osv
Positive Technologies	PT-2026-8331	16 Feb 202600:00	–	ptsecurity
PyPA	PYSEC-2026-110	16 Feb 202611:15	–	pypa

[
  {
    "enisaIdVendor": [
      {
        "id": "ecfef174-826b-49f2-baff-5f48c320940e",
        "vendor": {
          "name": "pretix"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "4f2e7a10-477a-474b-b575-665c469949bb",
        "product": {
          "name": "pretix"
        },
        "product_version": "2025.10.0 <2026.1.0"
      },
      {
        "id": "5958d149-5e86-4e12-b302-281f26668223",
        "product": {
          "name": "pretix"
        },
        "product_version": "2025.9.0 <2025.10.0"
      },
      {
        "id": "7d5a1158-0ab9-4407-b94a-a07c8b2197b9",
        "product": {
          "name": "pretix"
        },
        "product_version": "2026.1.0 <2026.1.1"
      },
      {
        "id": "f7d52e29-d9ae-4a62-9598-0cec6ea41216",
        "product": {
          "name": "pretix"
        },
        "product_version": "4.16.0 <2025.9.0"
      }
    ]
  }
]

Source	Link
pretix	www.pretix.eu/about/en/blog/20260216-release-2026-1-1/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-2415

16 Feb 2026 12:30Current

5.5Medium risk

Vulners AI Score5.5

CVSS 49

EPSS0.00243

SSVC