Lucene search
+L

662 matches found

cve
cve
added 3 days ago17 views

CVE-2026-15519

The CVE-2026-15519 entry affects usestrix strix up to 1.0.2, specifically the PyPI Handler’s file system_prompt.jinja. A manipulation can cause inclusion of functionality from an untrusted control sphere. The vulnerability is exploitable remotely with network impact and a high attack complexity; ...

5.1CVSS5.4AI score0.00238EPSS
Exploits0References5
osv
osv
added 2026/07/07 2:34 p.m.4 views

PYSEC-2026-1804 Azure PromptFlow remote code execution related to Jinja templates

Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network...

6.5CVSS7AI score0.00492EPSS
Exploits0References7
osv
osv
added 2026/07/07 2:34 p.m.5 views

PYSEC-2026-1475 Jinja has a sandbox breakout through indirect reference to format method

An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on th...

7.8CVSS7.1AI score0.005EPSS
Exploits0References8
osv
osv
added 2026/07/07 11:45 a.m.4 views

PYSEC-2026-1474 Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter

The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, , or =, as each would then be interpreted as starting a separate attribute. If an application accepts keys as opposed to only values as user input, and...

5.4CVSS6.7AI score0.00979EPSS
Exploits0References11
osv
osv
added 2026/07/07 11:45 a.m.4 views

PYSEC-2026-1473 Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter

The xmlattr filter in affected versions of Jinja accepts keys containing spaces. XML/HTML attributes cannot contain spaces, as each would then be interpreted as a separate attribute. If an application accepts keys as opposed to only values as user input, and renders these in pages that other user...

5.4CVSS6.8AI score0.00892EPSS
Exploits0References12
osv
osv
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-364 Jupyter Enterprise Gateway: Jinja2 Template Server Side Template Injection resulting in Remote Code Execution

Summary The environment variables KERNELXXX used during the rendering of the Kubernetes manifest are vulnerable to Server Side Template Injection SSTI. By including Jinja2 template expressions it is possible to execution Python code and OS Commands in the Enterprise Gateway service. The code can...

10CVSS6.4AI score0.0086EPSS
Exploits0References5
osv
osv
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-392 llama-cpp-python vulnerable to Remote Code Execution by Server-Side Template Injection in Model Metadata

Description llama-cpp-python depends on class Llama in llama.py to load .gguf llama.cpp or Latency Machine Learning Models. The init constructor built in the Llama takes several parameters to configure the loading and running of the model. Other than NUMA, LoRa settings, loading tokenizers, and...

9.6CVSS7.8AI score0.2842EPSS
Exploits1References6
osv
osv
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-387 LiteLLM has Server-Side Template Injection vulnerability in /completions endpoint

BerriAI/litellm is vulnerable to Server-Side Template Injection SSTI via the /completions endpoint. The vulnerability arises from the hfchattemplate method processing the chattemplate parameter from the tokenizerconfig.json file through the Jinja template engine without proper sanitization...

9.8CVSS7.7AI score0.01256EPSS
Exploits1References9
cvelist
cvelist
added 2026/06/24 8:52 p.m.20 views

CVE-2026-33235 AutoGPT: Denial of Service (DoS) via Resource Exhaustion in text templating features

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions prior to 0.6.52, the Fill Text Template block is vulnerable to a Denial of Service DoS attack. While the backend implements a SandboxedEnvironment to prevent...

7.7CVSS0.0031EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/06/05 7:23 p.m.11 views

CVE-2026-35483

text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in loadtemplate allows reading files with .jinja, .jinja2, .yaml, or .yml extensions from anywhere on the server filesystem. For .jinja files the...

5.3CVSS5.5AI score0.00325EPSS
Exploits1References1
github
github
added 2026/06/03 9:37 p.m.13 views

Jupyter Enterprise Gateway: Kubernetes Manifest Injection in Jinja2 Template Rendering

Summary The environment variables used during the rendering of the Kubernetes manifest allow YAML injection, enabling attackers to overwrite existing keys like securityContext and inject multi-document YAML to create additional unintended Kubernetes resources. Details The server interpolates...

6.2AI score0.00062EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2026/05/29 12:0 a.m.23 views

PT-2026-44826

Name of the Vulnerable Software and Affected Versions RAGFlow versions prior to 0.24.1 Description A Server-Side Template Injection SSTI exists in the prompt generator located in rag/prompts/generator.py. This issue allows authenticated users to execute arbitrary operating system commands on the...

9.9CVSS6.2AI score0.00294EPSS
Exploits0References4
osv
osv
added 2026/05/28 7:1 p.m.8 views

GHSA-GG2G-P7XC-QQMM compliance-trestle Vulnerable to Remote Code Execution via Recursive Server-Side Template Injection (SSTI)

A High severity Server-Side Template Injection SSTI vulnerability exists in the trestle author jinja command. The command recursively evaluates rendered templates, allowing an attacker to achieve arbitrary command execution with privileges of the running process by injecting malicious payloads in...

7.8CVSS6.2AI score0.00022EPSS
Exploits0References4
github
github
added 2026/05/28 7:1 p.m.14 views

compliance-trestle Vulnerable to Remote Code Execution via Recursive Server-Side Template Injection (SSTI)

A High severity Server-Side Template Injection SSTI vulnerability exists in the trestle author jinja command. The command recursively evaluates rendered templates, allowing an attacker to achieve arbitrary command execution with privileges of the running process by injecting malicious payloads in...

6.2AI score0.00022EPSS
Exploits0References4Affected Software1
snyk
snyk
added 2026/05/28 5:44 p.m.7 views

External Control of File Name or Path

Overview compliance-trestle is a Tools to manage & autogenerate python objects representing the OSCAL layers/models Affected versions of this package are vulnerable to External Control of File Name or Path via the -o/--output argument in the trestle author jinja. An attacker can overwrite arbitra...

8.6CVSS5.8AI score0.0005EPSS
Exploits0References4
osv
osv
added 2026/05/28 5:44 p.m.9 views

GHSA-4Q5V-7G7X-J79W compliance-trestle - jinja has an Arbitrary File Write via Path Traversal

Relevant Products/Components: trestle/core/commands/author/jinja.py trestle author jinja --- Detailed Description: The -o/--output argument in trestle author jinja allows writing files outside the intended workspace. The application does not properly validate: ../ ..\ absolute paths This allows...

8.4CVSS6.2AI score0.0005EPSS
Exploits0References4
github
github
added 2026/05/28 5:44 p.m.19 views

compliance-trestle - jinja has an Arbitrary File Write via Path Traversal

Relevant Products/Components: trestle/core/commands/author/jinja.py trestle author jinja --- Detailed Description: The -o/--output argument in trestle author jinja allows writing files outside the intended workspace. The application does not properly validate: ../ ..\ absolute paths This allows...

6.2AI score0.0005EPSS
Exploits0References4Affected Software1
ptsecurity
ptsecurity
added 2026/05/28 12:0 a.m.19 views

PT-2026-44548

Name of the Vulnerable Software and Affected Versions compliance-trestle affected versions not specified Description A Server-Side Template Injection SSTI issue exists in the trestle author jinja command. The problem occurs because the render template function in...

7.8CVSS6.3AI score0.00022EPSS
Exploits0References9
ibm
ibm
added 2026/05/14 11:59 p.m.13 views

Security Bulletin: IBM Cognos Analytics is affected by multiple security vulnerabilities

Summary There are vulnerabilities in multiple Open-Source Software OSS components consumed by IBM Cognos Analytics. Please review the below vulnerabilities and take necessary remediation actions. This Security Bulletin relates only to the direct usage of third-party components by IBM Cognos...

8.8CVSS7.4AI score0.01058EPSS
Exploits1Affected Software1
nessus
nessus
added 2026/05/09 12:0 a.m.12 views

Unity Linux 20.1050e / 20.1070e Security Update: python-jinja2 (UTSA-2026-017337)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017337 advisory. Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content...

8.8CVSS5.9AI score0.00301EPSS
Exploits0References4
Rows per page
Query Builder