CVE-2026-2969

A flaw has been found in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/modules/prompt/prompt.py of the component Jinja2 Template Handler. This manipulation of the argument Prompt causes improper neutralization of special...

datapizza-ai: Server-Side Template Injection in ChatPromptTemplate via Jinja2 Template Handler

A flaw has been found in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/modules/prompt/prompt.py of the component Jinja2 Template Handler. This manipulation of the argument Prompt causes improper neutralization of special...

GHSA-Q5XX-FXV3-XXQF datapizza-ai: Server-Side Template Injection in ChatPromptTemplate via Jinja2 Template Handler

A flaw has been found in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/modules/prompt/prompt.py of the component Jinja2 Template Handler. This manipulation of the argument Prompt causes improper neutralization of special...

CVE-2026-2969

A flaw has been found in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/modules/prompt/prompt.py of the component Jinja2 Template Handler. This manipulation of the argument Prompt causes improper neutralization of special...

CVE-2026-2969

A flaw has been found in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/modules/prompt/prompt.py of the component Jinja2 Template Handler. This manipulation of the argument Prompt causes improper neutralization of special...

CVE-2026-2969 datapizza-labs datapizza-ai Jinja2 Template prompt.py ChatPromptTemplate special elements used in a template engine

A flaw has been found in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/modules/prompt/prompt.py of the component Jinja2 Template Handler. This manipulation of the argument Prompt causes improper neutralization of special...

Malicious code in chat-prompt-logger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f25a736985f5c0bb50156fdc7de61e976b16416f42c44a2682b5ce718401383b The package provides a logger of LLM prompts that at the same time looks for hidden instructions and executes them. --- Category: MALICIOUS - The campaign has...

MAL-2025-191699 Malicious code in chat-prompt-logger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f25a736985f5c0bb50156fdc7de61e976b16416f42c44a2682b5ce718401383b The package provides a logger of LLM prompts that at the same time looks for hidden instructions and executes them. --- Category: MALICIOUS - The campaign has...

CVE-2025-65106

LangChain is a framework for building agents and LLM-powered applications. From versions 0.3.79 and prior and 1.0.0 to 1.0.6, a template injection vulnerability exists in LangChain's prompt template system that allows attackers to access Python object internals through template syntax. This...

Template Injection

Overview langchain-core is a Building applications with LLMs through composability Affected versions of this package are vulnerable to Template Injection in the prompt template system. An attacker can access internal Python object attributes by submitting specially crafted template strings to...

EUVD-2025-7025

Malicious code in bioql PyPI...

Astra Linux – Vulnerability in Firefox

By first using the AI chatbot in one tab and then activating it in another tab, the document title from the previous tab would be leaked into the chat prompt. This vulnerability was fixed in Firefox 137...

SUSE CVE-2025-3035

By first using the AI chatbot in one tab and later activating it in another tab, the document title of the previous tab would leak into the chat prompt. This vulnerability was fixed in Firefox 137...

CVE-2025-3035

By first using the AI chatbot in one tab and later activating it in another tab, the document title of the previous tab would leak into the chat prompt. This vulnerability affects Firefox 137...

CVE-2025-3035

By first using the AI chatbot in one tab and later activating it in another tab, the document title of the previous tab would leak into the chat prompt. This vulnerability affects Firefox 137...

CVE-2025-3035

By first using the AI chatbot in one tab and later activating it in another tab, the document title of the previous tab would leak into the chat prompt. This vulnerability was fixed in Firefox 137...

UBUNTU-CVE-2025-3035

By first using the AI chatbot in one tab and later activating it in another tab, the document title of the previous tab would leak into the chat prompt. This vulnerability affects Firefox 137...

CVE-2025-3035

Mozilla Firefox vulnerability CVE-2025-3035 affects Firefox versions earlier than 137.0. When a user opens an AI chatbot in one tab and later activates it in another, the document title from the previous tab can leak into the chat prompt. The available connected sources confirm the affected produ...

PT-2025-14110

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 137 Description The issue occurs when the AI chatbot is used in one tab and then activated in another tab, causing the document title of the previous tab to leak into the chat prompt. Recommendations For versions prio...

GHSA-5CHR-FJJV-38QV langchain-core allows unauthorized users to read arbitrary files from the host file system

A vulnerability in langchain-core versions =0.1.17,=0.2.0,=0.3.0,0.3.15 allows unauthorized users to read arbitrary files from the host file system. The issue arises from the ability to create langchaincore.prompts.ImagePromptTemplate's and by extension langchaincore.prompts.ChatPromptTemplate's...