Lucene search
K

131 matches found

OSV
OSV
added 3 days ago3 views

PYSEC-2026-1471 Jinja2 vulnerable to sandbox breakout through attr filter selecting format method

An oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends o...

5.4CVSS7.3AI score0.00476EPSS
Exploits0References8
OSV
OSV
added 3 days ago4 views

PYSEC-2026-1475 Jinja has a sandbox breakout through indirect reference to format method

An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on th...

7.8CVSS7.1AI score0.005EPSS
Exploits0References8
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-476 PraisonAI Vulnerable Untrusted Remote Template Code Execution

PraisonAI treats remotely fetched template files as trusted executable code without integrity verification, origin validation, or user confirmation, enabling supply chain attacks through malicious templates. --- Description When a user installs a template from a remote source e.g., GitHub,...

9.3CVSS6.3AI score0.00304EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.10 views

Unity Linux 20.1060e / 20.1070e Security Update: nodejs-handlebars (UTSA-2026-016670)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016670 advisory. The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted...

9.8CVSS6.9AI score0.04506EPSS
Exploits1References4
Snyk
Snyk
added 2026/05/20 9:41 a.m.8 views

Allocation of Resources Without Limits or Throttling

Overview twig/twig is a flexible, fast, and secure template language for PHP. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via untrusted Twig template evaluation within the sandbox. An attacker can cause denial of service by supplying...

8.7CVSS5.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.9 views

Unity Linux 20.1050e / 20.1070e Security Update: python-jinja2 (UTSA-2026-017331)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017331 advisory. Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that...

7.8CVSS7.3AI score0.005EPSS
Exploits0References4
Snyk
Snyk
added 2026/04/22 7:58 p.m.4 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the require process. An attacker can access sensitive local .js and .json files by supplying malicious JavaScript templates that exploit the module loader to bypass file access restrictions. This is only...

6.8CVSS5.8AI score0.00114EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/22 7:58 p.m.7 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the require process. An attacker can access sensitive local .js and .json files by supplying malicious JavaScript templates that exploit the module loader to bypass file access restrictions. This is only...

6.8CVSS5.8AI score0.00114EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/22 7:58 p.m.3 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the require process. An attacker can access sensitive local .js and .json files by supplying malicious JavaScript templates that exploit the module loader to bypass file access restrictions. This is only...

6.8CVSS5.8AI score0.00114EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.27 views

PT-2026-34613

Name of the Vulnerable Software and Affected Versions Nuclei versions 3.0.0 through 3.7.9 Description A flaw in the JavaScript protocol runtime's module loading system allows JavaScript templates to read local .js and .json files from the host filesystem. This occurs because the require function...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References11
CVE
CVE
added 2026/04/09 9:42 p.m.20 views

CVE-2026-40154

PraisonAI (multi-agent teams system) is affected by CVE-2026-40154. Prior to version 4.5.128, remotely fetched template files were treated as trusted executable code without integrity checks, origin validation, or user confirmation, enabling supply-chain exploitation. According to the connected r...

9.6CVSS6AI score0.00304EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/04/08 9:51 p.m.4 views

GHSA-926X-3R5X-GFHW LangChain has incomplete f-string validation in prompt templates

LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string templates and formatted them without enforcing the same attribute-access validation as PromptTemplate. In particular, DictPromptTemplate and ImagePromptTemplate...

5.3CVSS5.9AI score0.00262EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2026/04/08 9:51 p.m.10 views

LangChain has incomplete f-string validation in prompt templates

LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string templates and formatted them without enforcing the same attribute-access validation as PromptTemplate. In particular, DictPromptTemplate and ImagePromptTemplate...

5.3CVSS6AI score0.00262EPSS
Exploits0References9Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/03 11:2 p.m.6 views

CVE-2026-34730

Copier is a library and CLI app for rendering project templates. Prior to version 9.14.1, Copier's externaldata feature allows a template to load YAML files using template-controlled paths. If untrusted templates are in scope, a malicious template can read attacker-chosen YAML-parseable local fil...

5.5CVSS5.8AI score0.00287EPSS
Exploits1References1
NVD
NVD
added 2026/04/02 7:21 p.m.3 views

CVE-2026-34730

Copier is a library and CLI app for rendering project templates. Prior to version 9.14.1, Copier's externaldata feature allows a template to load YAML files using template-controlled paths. If untrusted templates are in scope, a malicious template can read attacker-chosen YAML-parseable local fil...

5.5CVSS0.00287EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/02 6:9 p.m.2 views

CVE-2026-34730

Copier is a library and CLI app for rendering project templates. Prior to version 9.14.1, Copier's externaldata feature allows a template to load YAML files using template-controlled paths. If untrusted templates are in scope, a malicious template can read attacker-chosen YAML-parseable local fil...

5.5CVSS5.8AI score0.00287EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/04/02 6:9 p.m.24 views

CVE-2026-34730 Copier `_external_data` allows path traversal and absolute-path local file read without unsafe mode

Copier is a library and CLI app for rendering project templates. Prior to version 9.14.1, Copier's externaldata feature allows a template to load YAML files using template-controlled paths. If untrusted templates are in scope, a malicious template can read attacker-chosen YAML-parseable local fil...

5.5CVSS0.00287EPSS
Exploits1References3
OSV
OSV
added 2026/04/01 10:38 p.m.4 views

GHSA-HGJQ-P8CR-GG4H Copier `_external_data` allows path traversal and absolute-path local file read without unsafe mode

Summary Copier's externaldata feature allows a template to load YAML files using template-controlled paths. The documentation describes these values as relative paths from the subproject destination, so relative paths themselves appear to be part of the intended feature model. However, the curren...

5.5CVSS5.9AI score0.00287EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/04/01 10:38 p.m.6 views

Copier `_external_data` allows path traversal and absolute-path local file read without unsafe mode

Summary Copier's externaldata feature allows a template to load YAML files using template-controlled paths. The documentation describes these values as relative paths from the subproject destination, so relative paths themselves appear to be part of the intended feature model. However, the curren...

5.5CVSS5.9AI score0.00287EPSS
Exploits1References5Affected Software1
Snyk
Snyk
added 2026/04/01 10:28 p.m.4 views

Directory Traversal

Overview copier is an A library for rendering project templates. Affected versions of this package are vulnerable to Directory Traversal via the subdirectory setting, which allows parent-directory traversal. If a user runs Copier on an untrusted template, an attacker can access files outside the...

4.6CVSS6.5AI score0.00383EPSS
Exploits1References2
Rows per page
Query Builder