Lucene search
K

5 matches found

NVD
NVD
added 2026/03/31 3:16 p.m.3 views

CVE-2026-34172

Giskard is an open-source Python library for testing and evaluating agentic systems. Prior to versions 0.3.4 and 1.0.2b1, ChatWorkflow.chatmessage passes its string argument directly as a Jinja2 template source to a non-sandboxed Environment. A developer who passes user input to this method enabl...

8.8CVSS0.00611EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/31 1:50 p.m.20 views

CVE-2026-34172 Giskard Agents have Server-side template injection via ChatWorkflow.chat() using non-sandboxed Jinja2 Environment

Giskard is an open-source Python library for testing and evaluating agentic systems. Prior to versions 0.3.4 and 1.0.2b1, ChatWorkflow.chatmessage passes its string argument directly as a Jinja2 template source to a non-sandboxed Environment. A developer who passes user input to this method enabl...

7.7CVSS0.00611EPSS
Exploits1References1
CVE
CVE
added 2026/03/31 1:50 p.m.14 views

CVE-2026-34172

Giskard agents contain a server-side template injection vulnerability in ChatWorkflow.chat(message): when a string is passed, it is treated as a Jinja2 template by a non-sandboxed Environment, enabling full RCE via class traversal. Affected versions are before 0.3.4 and 1.0.2b1; the issue is miti...

8.8CVSS6.3AI score0.00611EPSS
Exploits1References1Affected Software2
OSV
OSV
added 2026/03/31 1:50 p.m.4 views

CVE-2026-34172 Giskard Agents have Server-side template injection via ChatWorkflow.chat() using non-sandboxed Jinja2 Environment

Giskard is an open-source Python library for testing and evaluating agentic systems. Prior to versions 0.3.4 and 1.0.2b1, ChatWorkflow.chatmessage passes its string argument directly as a Jinja2 template source to a non-sandboxed Environment. A developer who passes user input to this method enabl...

7.7CVSS6.4AI score0.00611EPSS
Exploits1References3
OSV
OSV
added 2026/03/27 10:17 p.m.7 views

GHSA-FRV4-X25R-588M Giskard Agents have Server-side template injection via ChatWorkflow.chat() using non-sandboxed Jinja2 Environment

Summary ChatWorkflow.chatmessage passes its string argument directly as a Jinja2 template source to a non-sandboxed Environment. A developer who passes user input to this method enables full remote code execution via Jinja2 class traversal. The method name chat and parameter name message naturall...

7.7CVSS6.5AI score0.00611EPSS
Exploits1References3
Rows per page
Query Builder