Skip to main content

Genshi CVE-2026-0685

| EUVDEUVD-2026-39792 CRITICAL
2026-06-26 certcc GHSA-4r2j-8c42-5wfc
9.8
CVSS 3.1 · Vendor: certcc
Share

Severity by source

Vendor (certcc) PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
9.8 CRITICAL

SSTI yields code execution with full C/I/A loss; AV:N/PR:N/UI:N assumes an unauthenticated input path reaches the evaluator, which is application-dependent but consistent with the reported vector.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (certcc).

CVSS VectorVendor: certcc

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Jun 26, 2026 - 18:23 vuln.today
CVSS changed
Jun 26, 2026 - 18:22 NVD
9.8 (CRITICAL)
CVE Published
Jun 26, 2026 - 15:45 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

Server side template inject (SSTI) in the expression evaluation component in Genshi Template Engine version 0.7.9 allows a remote attacker to achieve remote code execution (RCE) via crafted template expressions.

AnalysisAI

Server-side template injection in Edgewall's Genshi template engine (versions 0 through 0.7.9) lets a remote attacker reach the expression-evaluation component and run arbitrary Python code on the host. Because Genshi evaluates template expressions as Python, any application that feeds attacker-controlled input into a Genshi expression can be driven to full remote code execution. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify app input reaching template
Delivery
Craft malicious Genshi expression
Exploit
Submit payload to evaluator
Execution
Expression compiled as Python
Impact
Arbitrary code executed on server

Vulnerability AssessmentAI

Exploitation Exploitation requires that the target application route attacker-controllable input into Genshi's expression-evaluation component - i.e., user input that reaches a template expression or a dynamically constructed template - on Genshi version 0.7.9 or earlier. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The published CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base 9.8) describes a maximally severe network, low-complexity, unauthenticated path to full confidentiality, integrity, and availability loss. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An application uses Genshi to render templates and incorporates user-controlled input (for example a profile field, report parameter, or wiki macro argument) into a template expression. The attacker submits a crafted expression payload over the network; Genshi's expression evaluator compiles and executes it as Python, yielding remote code execution as the rendering process. …
Remediation No vendor-released patch identified at time of analysis - the provided references point only to the Genshi GitHub repository (https://github.com/edgewall/genshi/) and the CERT/CC advisory (https://www.kb.cert.org/vuls/id/244846), with no tagged fixed release named, so monitor those for an upstream patch and upgrade to it once published. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Scan all systems and applications to identify Genshi usage and document affected versions (0 through 0.7.9), locations, and operational criticality. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-0685 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy