Lucene search
K

386 matches found

Cvelist
Cvelist
added 2026/03/27 9:8 p.m.54 views

CVE-2026-33939 Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, when a Handlebars template contains decorator syntax referencing an unregistered decorator e.g. n, the compiled template calls lookupPropertydecorators, "n", which returns undefined. Th...

7.5CVSS0.00616EPSS
Exploits1References3
OSV
OSV
added 2026/03/27 9:8 p.m.3 views

CVE-2026-33939 Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, when a Handlebars template contains decorator syntax referencing an unregistered decorator e.g. n, the compiled template calls lookupPropertydecorators, "n", which returns undefined. Th...

7.5CVSS5.9AI score0.00616EPSS
Exploits1References10
ATTACKERKB
ATTACKERKB
added 2026/03/27 9:8 p.m.9 views

CVE-2026-33939

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, when a Handlebars template contains decorator syntax referencing an unregistered decorator e.g. n, the compiled template calls lookupPropertydecorators, "n", which returns undefined. Th...

7.5CVSS5.9AI score0.00616EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2026/03/27 9:8 p.m.4 views

CVE-2026-33939

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, when a Handlebars template contains decorator syntax referencing an unregistered decorator e.g. n, the compiled template calls lookupPropertydecorators, "n", which returns undefined. Th...

7.5CVSS5.3AI score0.00616EPSS
Exploits1
Cvelist
Cvelist
added 2026/03/27 9:5 p.m.24 views

CVE-2026-33938 Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, the @partial-block special variable is stored in the template data context and is reachable and mutable from within a template via helpers that accept arbitrary objects. When a helper...

8.1CVSS0.00709EPSS
Exploits1References3
OSV
OSV
added 2026/03/27 9:5 p.m.5 views

CVE-2026-33938 Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, the @partial-block special variable is stored in the template data context and is reachable and mutable from within a template via helpers that accept arbitrary objects. When a helper...

8.1CVSS6.2AI score0.00709EPSS
Exploits1References10
Vulnrichment
Vulnrichment
added 2026/03/27 9:5 p.m.7 views

CVE-2026-33938 Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, the @partial-block special variable is stored in the template data context and is reachable and mutable from within a template via helpers that accept arbitrary objects. When a helper...

8.1CVSS6.2AI score0.00709EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/27 9:5 p.m.4 views

CVE-2026-33938

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, the @partial-block special variable is stored in the template data context and is reachable and mutable from within a template via helpers that accept arbitrary objects. When a helper...

8.1CVSS6.2AI score0.00709EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2026/03/27 9:5 p.m.4 views

CVE-2026-33938

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, the @partial-block special variable is stored in the template data context and is reachable and mutable from within a template via helpers that accept arbitrary objects. When a helper...

8.1CVSS5.8AI score0.00709EPSS
Exploits1
CVE
CVE
added 2026/03/27 9:5 p.m.81 views

CVE-2026-33938

The vulnerability CVE-2026-33938 affects the Handlebars library. In versions 4.0.0 through 4.7.8, the special variable @partial-block is stored in the template data context and can be reached and mutated via helpers that accept arbitrary objects. An attacker could overwrite @partial-block with a ...

8.1CVSS6.2AI score0.00709EPSS
Exploits1References8Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/27 9:3 p.m.9 views

CVE-2026-33937 Handlebars.js has JavaScript Injection via AST Type Confusion

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, Handlebars.compile accepts a pre-parsed AST object in addition to a template string. The value field of a NumberLiteral AST node is emitted directly into the generated JavaScript withou...

9.8CVSS6.2AI score0.0178EPSS
Exploits2References3
Cvelist
Cvelist
added 2026/03/27 9:3 p.m.23 views

CVE-2026-33937 Handlebars.js has JavaScript Injection via AST Type Confusion

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, Handlebars.compile accepts a pre-parsed AST object in addition to a template string. The value field of a NumberLiteral AST node is emitted directly into the generated JavaScript withou...

9.8CVSS0.0178EPSS
Exploits2References3
CVE
CVE
added 2026/03/27 9:3 p.m.243 views

CVE-2026-33937

CVE-2026-33937 affects Handlebars.js prior to 4.7.9, where Handlebars.compile() accepts a pre-parsed AST; the NumberLiteral.value is emitted into generated JS without quoting, enabling remote code execution if a crafted AST is supplied. Versions 4.0.0–4.7.8 are vulnerable; 4.7.9 fixes the issue. ...

9.8CVSS6.2AI score0.0178EPSS
Exploits2References8Affected Software1
OSV
OSV
added 2026/03/27 9:3 p.m.8 views

CVE-2026-33937 Handlebars.js has JavaScript Injection via AST Type Confusion

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, Handlebars.compile accepts a pre-parsed AST object in addition to a template string. The value field of a NumberLiteral AST node is emitted directly into the generated JavaScript withou...

9.8CVSS6.2AI score0.0178EPSS
Exploits2References10
ATTACKERKB
ATTACKERKB
added 2026/03/27 9:3 p.m.7 views

CVE-2026-33937

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, Handlebars.compile accepts a pre-parsed AST object in addition to a template string. The value field of a NumberLiteral AST node is emitted directly into the generated JavaScript withou...

9.8CVSS6.2AI score0.0178EPSS
Exploits2References4Affected Software1
Debian CVE
Debian CVE
added 2026/03/27 9:3 p.m.6 views

CVE-2026-33937

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, Handlebars.compile accepts a pre-parsed AST object in addition to a template string. The value field of a NumberLiteral AST node is emitted directly into the generated JavaScript withou...

9.8CVSS6AI score0.0178EPSS
Exploits2
Cvelist
Cvelist
added 2026/03/27 9:0 p.m.27 views

CVE-2026-33916 Handlebars.js has Prototype Pollution Leading to XSS through Partial Template Injection

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, resolvePartial in the Handlebars runtime resolves partial names via a plain property lookup on options.partials without guarding against prototype-chain traversal. When Object.prototype...

4.7CVSS0.00276EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/27 9:0 p.m.2 views

CVE-2026-33916

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, resolvePartial in the Handlebars runtime resolves partial names via a plain property lookup on options.partials without guarding against prototype-chain traversal. When Object.prototype...

4.7CVSS5.8AI score0.00276EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2026/03/27 9:0 p.m.4 views

CVE-2026-33916

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, resolvePartial in the Handlebars runtime resolves partial names via a plain property lookup on options.partials without guarding against prototype-chain traversal. When Object.prototype...

4.7CVSS5.3AI score0.00276EPSS
Exploits1
CVE
CVE
added 2026/03/27 9:0 p.m.27 views

CVE-2026-33916

Handlebars.js CVE-2026-33916 affects 4.0.0–4.7.8 where resolvePartial() looks up partials via options.partials without guarding prototype traversal. If Object.prototype is polluted with a string key matching a partial, that string becomes the partial body and is rendered unescaped, enabling refle...

4.7CVSS5.8AI score0.00276EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder