792 matches found
GHSA-H3RR-9WQJ-V3C6 AstrBot has Incomplete Filtering of Special Elements
A security flaw has been discovered in AstrBotDevs AstrBot up to 4.22.1. This affects the function createtemplate of the file astrbot/dashboard/routes/t2i.py of the component Dashboard API. The manipulation results in improper neutralization of special elements used in a template engine. The atta...
CVE-2026-6984
A security flaw has been discovered in AstrBotDevs AstrBot up to 4.22.1. This affects the function createtemplate of the file astrbot/dashboard/routes/t2i.py of the component Dashboard API. The manipulation results in improper neutralization of special elements used in a template engine. The atta...
CVE-2026-6984 AstrBotDevs AstrBot Dashboard API t2i.py create_template special elements used in a template engine
A security flaw has been discovered in AstrBotDevs AstrBot up to 4.22.1. This affects the function createtemplate of the file astrbot/dashboard/routes/t2i.py of the component Dashboard API. The manipulation results in improper neutralization of special elements used in a template engine. The atta...
EUVD-2026-25660
A security flaw has been discovered in AstrBotDevs AstrBot up to 4.22.1. This affects the function createtemplate of the file astrbot/dashboard/routes/t2i.py of the component Dashboard API. The manipulation results in improper neutralization of special elements used in a template engine. The atta...
CVE-2026-6984
A security flaw has been discovered in AstrBotDevs AstrBot up to 4.22.1. This affects the function createtemplate of the file astrbot/dashboard/routes/t2i.py of the component Dashboard API. The manipulation results in improper neutralization of special elements used in a template engine. The atta...
CVE-2026-6984
AstrBotDevs AstrBot up to version 4.22.1 contains a vulnerability in the Dashboard API, specifically in the create_template function (astrbot/dashboard/routes/t2i.py). The issue is improper neutralization of special elements used in the template engine, enabling remote execution. Public exploit i...
PT-2026-35155
A security flaw has been discovered in AstrBotDevs AstrBot up to 4.22.1. This affects the function create template of the file astrbot/dashboard/routes/t2i.py of the component Dashboard API. The manipulation results in improper neutralization of special elements used in a template engine. The...
Improper Neutralization of Special Elements Used in a Template Engine
Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine via the POST /prompts/test endpoint, which accepts user-supplied prompt templates and renders them...
DEBIAN-CVE-2026-41316
ERB is a templating system for Ruby. Ruby 2.7.0 before ERB 2.2.0 was published on rubygems.org introduced an @init instance variable guard in ERBresult and ERBrun to prevent code execution when an ERB object is reconstructed via Marshal.load deserialization. However, three other public methods th...
Improper Neutralization of Special Elements Used in a Template Engine
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine via the Option::render and Options::factory code paths in the Option, Options, OptionsApi, and OptionsQuery classes. An attacker can inject template/query syntax into...
CVE-2026-41316
ERB is a templating system for Ruby. Ruby 2.7.0 before ERB 2.2.0 was published on rubygems.org introduced an @init instance variable guard in ERBresult and ERBrun to prevent code execution when an ERB object is reconstructed via Marshal.load deserialization. However, three other public methods th...
CVE-2026-41205
Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.gettemplate is vulnerable to path traversal when a URI starts with // e.g., //../../../secret.txt. The root cause is an inconsistency between two slash-stripping implementations. Any file readable by the process can be...
CVE-2026-40878 mailcow-dockerized Login Page has Reflected Parameter Injection / Wrong-Context XSS Escaping
mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the mailcow web interface passes the raw $SERVER'REQUESTURI' to Twig as a global template variable and renders it inside a JavaScript string literal in the setLang helper of base.twig,...
PT-2026-34057
mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the mailcow web interface passes the raw $ SERVER'REQUEST URI' to Twig as a global template variable and renders it inside a JavaScript string literal in the setLang helper of base.twig,...
CVE-2026-40478
CVE-2026-40478 affects the Thymeleaf Java template engine (versions up to 3.1.3.RELEASE). A security bypass allows unauthenticated SSTI by passing unvalidated input to the expression evaluation mechanism; this is fixed in 3.1.4.RELEASE. Connected sources consistently state the root cause as impro...
CVE-2026-40477 Improper restriction of the scope of accessible objects in Thymeleaf expressions
Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the expression execution mechanisms. Although the library provides mechanisms to prevent expression injection, it fails to properly...
CVE-2026-40302
zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, the proxyUi template engine uses Go's text/template which performs no HTML escaping instead of html/template. The GitHub OAuth callback handlers in both publicProxy and dynamicProxy embed the...
CVE-2026-40302 zrok has reflected XSS in GitHub OAuth callback via unsanitized refreshInterval error rendering
zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, the proxyUi template engine uses Go's text/template which performs no HTML escaping instead of html/template. The GitHub OAuth callback handlers in both publicProxy and dynamicProxy embed the...
Giskard 安全漏洞
Giskard is an open-source evaluation and testing framework for artificial intelligence systems. Versions of Giskard prior to 1.0.2b1 contained security vulnerabilities. These vulnerabilities stemmed from the ConformityCheck class using the Jinja2 template engine to render rule parameters, which...
thymeleaf 安全漏洞
Thymeleaf is an open-source Java template engine developed by Thymeleaf projects. Versions of Thymeleaf 3.1.3.RELEASE and earlier contain security vulnerabilities. These vulnerabilities stem from a security bypass in the expression execution mechanism; certain syntax patterns are not properly...