CVE-2025-27516
CVE-2025-27516 : Jinja2 before 3.1.6 exposes a sandbox bypass via the |attr filter, allowing arbitrary Python code execution if an attacker controls template content. Affected: jinja2 versions prior to 3.1.6. Impact: execution of code in untrusted templates. Remediation: upgrade to 3.1.6 or newer...