40 matches found
PYSEC-2026-392 llama-cpp-python vulnerable to Remote Code Execution by Server-Side Template Injection in Model Metadata
Description llama-cpp-python depends on class Llama in llama.py to load .gguf llama.cpp or Latency Machine Learning Models. The init constructor built in the Llama takes several parameters to configure the loading and running of the model. Other than NUMA, LoRa settings, loading tokenizers, and...
CVE-2026-40602
Summary: CVE-2026-40602 affects the Home Assistant Command-line interface (hass-cli). Up to version 1.0.0, hass-cli evaluated user-supplied input in Jinja2 templates in an unrestricted environment, granting access to Python internals and potentially extending templating beyond intended usage. Thi...
Arbitrary Code Injection
Overview sglang is a SGLang is a fast serving framework for large language models and vision language models. Affected versions of this package are vulnerable to Arbitrary Code Injection via the reranking endpoint when a model file containing a malicious tokenizer.chattemplate is loaded, due to...
Home Assistant Command-line Interface: Handling of user-supplied Jinja2 templates
Impact Up to 1.0.0 of home-assitant-cli or hass-cli for short an unrestricted environment was used to handle Jninja2 templates instead of a sandboxed one. The user-supplied input within Jinja2 templates was rendered locally with no restrictions. This gave users access to Python's internals and...
JumpServer 安全漏洞
JumpServer is an open-source bastion host provided by JumpServer Technology Co., Ltd. in Hangzhou, China. JumpServer has a security vulnerability, which stems from the insecure use of Jinja2 templates during the Applet and VirtualApp upload functions. This vulnerability could allow attackers with...
hckr-tr
⠀⠀⠀⣠⣴⡶⢶⣦⣄⠀⠀⠀⠀⠀⠀⠀⠀⣾⠋⠙⢿⣆⣤⣤⣄⠀⠀⠀ ⠀⠀⢰⣿⠁⠀⠀⠀⠙⢷⡄⠀⠀⠀⠀⠀⢸⡿⠀⠀⠀⠛⠉...
PT-2026-21846
Name of the Vulnerable Software and Affected Versions InvenTree versions prior to 1.2.3 Description InvenTree is an Open Source Inventory Management System. Prior to version 1.2.3, insecure server-side templates can be hijacked to expose secure information to the client. When generating custom...
CVE-2025-69516
A Server-Side Template Injection SSTI vulnerability in the /reporting/templates/preview/ endpoint of Amidaware Tactical RMM, affecting versions equal to or earlier than v1.3.1, allows low-privileged users with Report Viewer or Report Manager permissions to achieve remote command execution on the...
EUVD-2025-203397
An SSTI Server-Side Template Injection vulnerability exists in the getdunninglettertext method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates bodytext using frappe.rendertemplate with a user-supplied context doc. Although Frappe uses a custom...
CVE-2025-66434
CVE-2025-66434 involves an SSTI in Frappe ERPNext up to version 15.89.0. The get_dunning_letter_text method renders attacker-controlled Jinja2 templates (body_text) via frappe.render_template() using a user-supplied context (doc). Despite a custom SandboxedEnvironment, dangerous globals such as f...
GHSA-6QV9-48XG-FC7F LangChain Vulnerable to Template Injection via Attribute Access in Prompt Templates
Context A template injection vulnerability exists in LangChain's prompt template system that allows attackers to access Python object internals through template syntax. This vulnerability affects applications that accept untrusted template strings not just template variables in ChatPromptTemplate...
GHSA-6FVQ-23CW-5628 vLLM: Resource-Exhaustion (DoS) through Malicious Jinja Template in OpenAI-Compatible Server
Summary A resource-exhaustion denial-of-service vulnerability exists in multiple endpoints of the OpenAI-Compatible Server due to the ability to specify Jinja templates via the chattemplate and chattemplatekwargs parameters. If an attacker can supply these parameters to the API, they can cause a...
vLLM: Resource-Exhaustion (DoS) through Malicious Jinja Template in OpenAI-Compatible Server
Summary A resource-exhaustion denial-of-service vulnerability exists in multiple endpoints of the OpenAI-Compatible Server due to the ability to specify Jinja templates via the chattemplate and chattemplatekwargs parameters. If an attacker can supply these parameters to the API, they can cause a...
EUVD-2025-22033
Malicious code in bioql PyPI...
EUVD-2024-48079
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-6395
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with roo...
CVE-2025-54316
An issue was discovered in Logpoint before 7.6.0. When creating reports, attackers can create custom Jinja templates that chained built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine, making it vulnerable to cross-site scripting...
CVE-2025-54316
An issue was discovered in Logpoint before 7.6.0. When creating reports, attackers can create custom Jinja templates that chained built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine, making it vulnerable to cross-site scripting...
Logpoint 跨站脚本漏洞
Logpoint is a network security application from Logpoint Denmark. A cross-site scripting vulnerability exists in Logpoint versions prior to 7.6.0, which stems from a failure to validate a Jinja template when creating a report, and could lead to a cross-site scripting attack...
CVE-2025-54316
An issue was discovered in Logpoint before 7.6.0. When creating reports, attackers can create custom Jinja templates that chained built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine, making it vulnerable to cross-site scripting...