VYPR
Critical severity9.8GHSA Advisory· Published Mar 5, 2025· Updated Jun 17, 2026

CVE-2025-25362

CVE-2025-25362

Description

A Server-Side Template Injection (SSTI) vulnerability in Spacy-LLM v0.7.2 allows attackers to execute arbitrary code via injecting a crafted payload into the template field.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
spacy-llmPyPI
< 0.7.30.7.3

Affected products

2

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.