Lucene search
K

4 matches found

CERT
CERT
added 2026/04/20 12:0 a.m.8 views

SGLang is vulnerable to remote code execution when rendering chat templates from a model file

Overview A remote code execution vulnerability has been discovered in the SGLang project, specifically in the reranking endpoint /v1/rerank. A CVE has been assigned to track the vulnerability; CVE-2026-5760. An attacker can create a malicious model for SGLang to achieve RCE. Successful exploitati...

9.8CVSS7.5AI score0.00852EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-8341

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Jinja2 2.10. The fromstring function is prone to Server Side Template Injection SSTI where it takes the source parameter as a templat...

9.8CVSS7.8AI score0.4478EPSS
Exploits5References3
Vulnrichment
Vulnrichment
added 2025/04/19 3:31 p.m.5 views

CVE-2025-3804 thautwarm vscode-diana Jinja2 Template Gen.py injection

A vulnerability classified as critical has been found in thautwarm vscode-diana 0.0.1. Affected is an unknown function of the file Gen.py of the component Jinja2 Template Handler. The manipulation leads to injection. Attacking locally is a requirement. The exploit has been disclosed to the public...

5.3CVSS7.3AI score0.00201EPSS
Exploits0References5
OSV
OSV
added 2024/03/29 2:57 p.m.11 views

CVE-2024-29202 JumpServer vulnerable to Jinja2 template injection in Ansible leads to RCE in Celery

JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can exploit a Jinja2 template injection vulnerability in JumpServer's Ansible to execute arbitrary code within the Celery container. Since the Celery container runs with root privileges and...

9.9CVSS8.9AI score0.05939EPSS
Exploits1References4
Rows per page
Query Builder