VYPR

CWE-1336

Improper Neutralization of Special Elements Used in a Template Engine

Abstraction: Base | Status: Incomplete

Description

The product uses a template engine to insert or process externally-influenced input, but it does not neutralize or incorrectly neutralizes special elements or syntax that can be interpreted as template expressions or other code directives when processed by the engine.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (129)

page 2 of 7
  • CVE-2024-58303 | High | Dec 11, 2025
    risk 0.56 | cvss (not listed) | epss 0.01

    FoF Pretty Mail 1.1.2 contains a server-side template injection vulnerability that allows administrative users to inject malicious code into email templates. Attackers can execute system commands by inserting crafted template expressions that trigger arbitrary code execution…

  • CVE-2024-58293 | High | Dec 11, 2025
    risk 0.56 | cvss (not listed) | epss 0.00

    Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated administrators to execute template expressions in multiple form input fields. Attackers can inject template payloads in items, taxes, transactions, and vendor name fields to perform…

  • CVE-2026-44129 | High | May 8, 2026
    risk 0.54 | cvss (not listed) | epss 0.01

    SEPPmail Secure Email Gateway before version 15.0.4 contains a server-side template injection vulnerability in the new GINA UI because an endpoint accepts an attacker-controlled template, allowing remote attackers to execute arbitrary template expressions and potentially achieve…

  • CVE-2026-44181 | Critical | Jun 3, 2026
    risk 0.52 | cvss (not listed) | epss 0.01

    Summary: The environment variables (`KERNEL_XXX`) used during the rendering of the Kubernetes manifest are vulnerable to Server Side Template Injection (SSTI). By including Jinja2 template expressions it is possible to execute Python code and OS commands in the Enterprise…

  • CVE-2026-42252 | Critical | Jun 1, 2026
    risk 0.52 | cvss 9.1 | epss 0.00

    Apache Airflow's official documentation at `core-concepts/dag-run.html` ("Passing Parameters when triggering Dags") showed a verbatim `BashOperator(bash_command="echo value: {{ dag_run.conf['conf1'] }}")` example without any quoting / sanitization warning. Dag authors who copied…

  • CVE-2026-45714 | Critical | May 13, 2026
    risk 0.52 | cvss 9.1 | epss 0.00

    CubeCart is an ecommerce software solution. Prior to 6.7.0, an Authenticated Server-Side Template Injection (SSTI) vulnerability exists in multiple modules of CubeCart (including Email Templates, Invoices, Documents, and Contact Forms). The application unsafely evaluates…

  • CVE-2026-44377 | Critical | May 13, 2026
    risk 0.52 | cvss 9.1 | epss 0.01

    CubeCart is an ecommerce software solution. Prior to 6.7.0, an Authenticated Server-Side Template Injection (SSTI) vulnerability exists in multiple modules of CubeCart (including Email Templates and Documents). The application unsafely evaluates user-supplied input directly…

  • CVE-2026-39980 | Critical | Apr 9, 2026
    risk 0.52 | cvss 9.1 | epss 0.01

    OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.9.5, the safeEjs.ts file does not properly sanitize EJS templates. Users with the Manage customization capability can run arbitrary JavaScript in the context of the…

  • CVE-2026-26026 | Critical | Apr 6, 2026
    risk 0.52 | cvss 9.1 | epss 0.00

    GLPI is a free asset and IT management software package. From 11.0.0 to before 11.0.6, template injection by an administrator leads to RCE. This vulnerability is fixed in 11.0.6.

  • CVE-2025-49619 | High | Jun 7, 2025
    risk 0.52 | cvss 8.5 | epss 0.14

    Skyvern through 0.1.85 is vulnerable to server-side template injection (SSTI) in the Prompt field of workflow blocks such as the Navigation v2 Block. Improper sanitization of Jinja2 template input allows authenticated users to inject crafted expressions that are evaluated on the…

  • CVE-2026-41065 | High | Jun 4, 2026
    risk 0.51 | cvss (not listed) | epss 0.00

    Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 are vulnerable to remote code execution via the newsletter custom template directory feature. On a fresh install before the setup wizard is completed, all management endpoints…

  • CVE-2026-40320 | High | Apr 17, 2026
    risk 0.51 | cvss 7.8 | epss 0.00

    Giskard is an open-source testing framework for AI models. In versions prior to 1.0.2b1, the ConformityCheck class rendered the rule parameter through Jinja2's default Template() constructor, silently interpreting template expressions at runtime. If check definitions are loaded…

  • CVE-2023-6743 | High | May 29, 2024
    risk 0.51 | cvss 8.8 | epss 0.01

    The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.5.89 via the template import functionality. This makes it possible for authenticated attackers, with…

  • CVE-2026-44543 | High | May 28, 2026
    risk 0.50 | cvss 8.7 | epss 0.00

    Local Path Provisioner provides a way for Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used…

  • CVE-2026-35044 | High | Apr 6, 2026
    risk 0.50 | cvss 8.8 | epss 0.00

    BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.38, the Dockerfile generation function generate_containerfile() in src/bentoml/_internal/container/generate.py uses an unsandboxed jinja2.Environment with the…

  • CVE-2026-34172 | High | Mar 31, 2026
    risk 0.50 | cvss 8.8 | epss 0.01

    Giskard is an open-source Python library for testing and evaluating agentic systems. Prior to versions 0.3.4 and 1.0.2b1, ChatWorkflow.chat(message) passes its string argument directly as a Jinja2 template source to a non-sandboxed Environment. A developer who passes user input…

  • CVE-2026-28228 | High | Mar 30, 2026
    risk 0.50 | cvss 8.8 | epss 0.00

    OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. Prior to versions 19.1.31, 20.1.18, and 20.2.5, an authenticated user with the Author role can inject Velocity directives into a reminder email template. When the…

  • CVE-2024-25131 | High | Dec 19, 2024
    risk 0.50 | cvss 8.8 | epss 0.01

    A flaw was found in the MustGather.managed.openshift.io Custom Resource Definition (CRD) of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can…

  • CVE-2026-32261 | High | Mar 16, 2026
    risk 0.48 | cvss (not listed) | epss 0.00

    The Webhooks for Craft CMS plugin adds the ability to manage “webhooks” in Craft CMS, which will send GET or POST requests when certain events occur. From version 3.0.0 to before version 3.2.0, the Webhooks plugin renders user-supplied template content through Twig’s…

  • CVE-2024-38363 | High | Jul 9, 2024
    risk 0.48 | cvss 8.5 | epss 0.01

    Airbyte is a data integration platform for ELT pipelines. The Airbyte connection builder docker image is vulnerable to RCE via SSTI, which allows an authenticated remote attacker to execute arbitrary code on the server as the web server user. The connection builder is used to create…