Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

163 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-27029

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00519EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-49452

Malicious code in bioql PyPI...

9.8CVSS5.8AI score0.00663EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2024-1070

Malicious code in bioql PyPI...

9.8CVSS4.6AI score0.00945EPSS
Exploits1References7
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2024-47563

Malicious code in bioql PyPI...

5.1CVSS3.9AI score0.00385EPSS
Exploits0References3
Veracode
Veracodeadded 2025/06/27 3:26 p.m.3 views

Template Injection

PySpur is vulnerable to Template Injection. The vulnerability is due to improper neutralization of special elements due to unsafe handling of the usermessage argument in the SingleLLMCallNode function of the Jinja2 Template Handler component...

6.5CVSS6.2AI score0.0032EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVEadded 2025/06/25 7:1 p.m.15 views

CVE-2025-6518

A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected is the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/singlellmcall.py of the component Jinja2 Template Handler. The manipulation of the argument usermessage leads to imprope...

6.5CVSS7.2AI score0.0032EPSS
Exploits0References1
NVD
NVDadded 2025/06/23 7:15 p.m.3 views

CVE-2025-6518

A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected is the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/singlellmcall.py of the component Jinja2 Template Handler. The manipulation of the argument usermessage leads to imprope...

6.5CVSS0.0032EPSS
Exploits0References4
OSV
OSVadded 2025/06/23 7:15 p.m.1 views

CVE-2025-6518

A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected is the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/singlellmcall.py of the component Jinja2 Template Handler. The manipulation of the argument usermessage leads to imprope...

5.3CVSS5.4AI score
Exploits0References4
CVE
CVEadded 2025/06/23 7:0 p.m.17 views

CVE-2025-6518

CVE-2025-6518 affects PySpur-Dev pyspur up to 0.1.18. The vulnerability is in the SingleLLMCallNode function (backend/pyspur/nodes/llm/single_llm_call.py) of the Jinja2 Template Handler, where improper neutralization of special elements in user_message enables remote exploitation. The exploit sta...

6.5CVSS6.4AI score0.0032EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/06/23 8:41 a.m.5 views

CVE-2025-6335

A vulnerability was found in DedeCMS up to 5.7.2 and classified as critical. This issue affects some unknown processing of the file /include/dedetag.class.php of the component Template Handler. The manipulation of the argument notes leads to command injection. The attack may be initiated remotely...

7.2CVSS7.8AI score0.06864EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2025/06/23 12:0 a.m.3 views

PT-2025-26638 · Pyspur +1 · Pyspur +2

Name of the Vulnerable Software and Affected Versions: PySpur-Dev pyspur versions up to 0.1.18 Description: A critical issue was found in the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/single llm call.py of the component Jinja2 Template Handler. The manipulation of the argume...

6.5CVSS6.2AI score0.0032EPSS
Exploits0References9
OSV
OSVadded 2025/06/20 11:15 a.m.3 views

CVE-2025-6335

A vulnerability was found in DedeCMS up to 5.7.2 and classified as critical. This issue affects some unknown processing of the file /include/dedetag.class.php of the component Template Handler. The manipulation of the argument notes leads to command injection. The attack may be initiated remotely...

7.2CVSS5.6AI score0.06864EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2025/06/20 11:0 a.m.8 views

CVE-2025-6335 DedeCMS Template dedetag.class.php command injection

A vulnerability was found in DedeCMS up to 5.7.2 and classified as critical. This issue affects some unknown processing of the file /include/dedetag.class.php of the component Template Handler. The manipulation of the argument notes leads to command injection. The attack may be initiated remotely...

5.8CVSS5.3AI score0.06864EPSS
Exploits1References4
Cvelist
Cvelistadded 2025/06/20 11:0 a.m.15 views

CVE-2025-6335 DedeCMS Template dedetag.class.php command injection

A vulnerability was found in DedeCMS up to 5.7.2 and classified as critical. This issue affects some unknown processing of the file /include/dedetag.class.php of the component Template Handler. The manipulation of the argument notes leads to command injection. The attack may be initiated remotely...

5.8CVSS0.06864EPSS
Exploits1References4
CVE
CVEadded 2025/06/20 11:0 a.m.31 views

CVE-2025-6335

CVE-2025-6335 affects DedeCMS up to version 5.7.2. The flaw exists in the Template Handler component, specifically in /include/dedetag.class.php, where manipulation of the notes argument leads to command injection. The vulnerability can be exploited remotely and public exploits exist. Multiple so...

7.2CVSS5.3AI score0.06864EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologiesadded 2025/06/19 12:0 a.m.6 views

PT-2025-26234 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS versions up to 5.7.2 Description: A critical vulnerability was found in DedeCMS affecting the Template Handler component. The issue resides in some unknown processing of the file /include/dedetag.class.php. Manipulation of the argumen...

7.2CVSS4.8AI score0.06864EPSS
Exploits1References10
RedhatCVE
RedhatCVEadded 2025/05/23 10:9 a.m.13 views

CVE-2024-3366

A vulnerability classified as problematic was found in Xuxueli xxl-job up to 2.4.1. This vulnerability affects the function deserialize of the file com/xxl/job/core/util/JdkSerializeTool.java of the component Template Handler. The manipulation leads to injection. The exploit has been disclosed to...

9.8CVSS9.7AI score0.00945EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 8:1 a.m.6 views

CVE-2024-6469

A vulnerability was found in playSMS 1.4.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php?app=main=featurefirewall=firewalllist of the component Template Handler. The manipulation of the argument IP address with the input id...

8.8CVSS7.2AI score0.00736EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 7:27 a.m.6 views

CVE-2024-0601

A vulnerability was found in ZhongFuCheng3y Austin 1.0. It has been rated as critical. Affected by this issue is the function getRemoteUrl2File of the file src\main\java\com\java3y\austin\support\utils\AustinFileUtils.java of the component Email Message Template Handler. The manipulation leads to...

6.5CVSS6.9AI score0.00482EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 12:35 a.m.2 views

CVE-2022-4300

A vulnerability was found in FastCMS. It has been rated as critical. This issue affects some unknown processing of the file /template/edit of the component Template Handler. The manipulation leads to injection. The attack may be initiated remotely. The exploit has been disclosed to the public and...

8.8CVSS7.3AI score0.00793EPSS
Exploits1References1
Rows per page
Query Builder