Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-28744

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00327EPSS
Exploits0References5
Veracode
Veracode
added 2025/06/27 3:26 p.m.5 views

Template Injection

PySpur is vulnerable to Template Injection. The vulnerability is due to improper neutralization of special elements due to unsafe handling of the usermessage argument in the SingleLLMCallNode function of the Jinja2 Template Handler component...

6.5CVSS6.2AI score0.00327EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/25 7:1 p.m.17 views

CVE-2025-6518

A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected is the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/singlellmcall.py of the component Jinja2 Template Handler. The manipulation of the argument usermessage leads to imprope...

6.5CVSS7.2AI score0.00327EPSS
Exploits0References1
OSV
OSV
added 2025/06/23 9:31 p.m.5 views

GHSA-8GFF-CF92-72PV pyspur Incomplete Filtering of Special Elements allowed by SingleLLMCallNode function

A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected is the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/singlellmcall.py of the component Jinja2 Template Handler. The manipulation of the argument usermessage leads to imprope...

6.3CVSS7.1AI score0.00327EPSS
Exploits0References6
Snyk
Snyk
added 2025/06/23 7:41 p.m.4 views

Improper Neutralization of Special Elements Used in a Template Engine

Overview pyspur is a PySpur is a Graph UI for building AI Agents in Python Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine via the SingleLLMCallNode function. An attacker can execute unauthorized template code and potential...

6.5CVSS7.2AI score0.00327EPSS
Exploits0References2
NVD
NVD
added 2025/06/23 7:15 p.m.7 views

CVE-2025-6518

A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected is the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/singlellmcall.py of the component Jinja2 Template Handler. The manipulation of the argument usermessage leads to imprope...

6.5CVSS0.00327EPSS
Exploits0References4
OSV
OSV
added 2025/06/23 7:0 p.m.3 views

CVE-2025-6518 PySpur-Dev pyspur Jinja2 Template single_llm_call.py SingleLLMCallNode special elements used in a template engine

A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected is the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/singlellmcall.py of the component Jinja2 Template Handler. The manipulation of the argument usermessage leads to imprope...

5.3CVSS6AI score0.00327EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/06/23 7:0 p.m.3 views

CVE-2025-6518 PySpur-Dev pyspur Jinja2 Template single_llm_call.py SingleLLMCallNode special elements used in a template engine

A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected is the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/singlellmcall.py of the component Jinja2 Template Handler. The manipulation of the argument usermessage leads to imprope...

6.5CVSS7.2AI score0.00327EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/06/23 7:0 p.m.20 views

CVE-2025-6518 PySpur-Dev pyspur Jinja2 Template single_llm_call.py SingleLLMCallNode special elements used in a template engine

A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected is the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/singlellmcall.py of the component Jinja2 Template Handler. The manipulation of the argument usermessage leads to imprope...

6.5CVSS0.00327EPSS
Exploits0References4
CVE
CVE
added 2025/06/23 7:0 p.m.22 views

CVE-2025-6518

CVE-2025-6518 affects PySpur-Dev pyspur up to 0.1.18. The vulnerability is in the SingleLLMCallNode function (backend/pyspur/nodes/llm/single_llm_call.py) of the Jinja2 Template Handler, where improper neutralization of special elements in user_message enables remote exploitation. The exploit sta...

6.5CVSS6.4AI score0.00327EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/06/23 12:0 a.m.8 views

PT-2025-26638

Name of the Vulnerable Software and Affected Versions: PySpur-Dev pyspur versions up to 0.1.18 Description: A critical issue was found in the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/single llm call.py of the component Jinja2 Template Handler. The manipulation of the argume...

6.5CVSS6AI score0.00327EPSS
Exploits0References13
CNNVD
CNNVD
added 2025/06/23 12:0 a.m.5 views

PySpur 安全漏洞

PySpur is a visual playground for agent workflows in PySpur open source: iterate through agents 10x faster. A security vulnerability exists in PySpur 0.1.18 and earlier versions, which stems from improper neutralization of special elements of the template engine due to incorrect manipulation of t...

6.5CVSS6.2AI score0.00327EPSS
Exploits0References5
Rows per page
Query Builder