Skip to main content

Ssti CVE-2026-5559

| EUVDEUVD-2026-19066 LOW
Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336)
2026-04-05 VulDB GHSA-23jg-5f8m-gw8c
2.1
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

6
Severity Changed
Apr 29, 2026 - 01:11 NVD
MEDIUM LOW
CVSS changed
Apr 29, 2026 - 01:11 NVD
5.3 (MEDIUM) 2.1 (LOW)
PoC Detected
Apr 07, 2026 - 13:20 vuln.today
Public exploit code
EUVD ID Assigned
Apr 05, 2026 - 10:30 euvd
EUVD-2026-19066
Analysis Generated
Apr 05, 2026 - 10:30 vuln.today
CVE Published
Apr 05, 2026 - 10:15 nvd
MEDIUM 5.3

DescriptionCVE.org

A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected element is the function _is_safe_ast of the file sandbox.py of the component AST Validation. Such manipulation leads to improper neutralization of special elements used in a template engine. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

AnalysisAI

Server-side template injection in PyBlade's AST validation function (_is_safe_ast in sandbox.py) allows authenticated remote attackers to bypass template safety checks and inject arbitrary template code, leading to information disclosure and potential code execution. Affected versions 0.1.8-alpha and 0.1.9-alpha contain improper neutralization of special template elements. Publicly available exploit code exists, though the vendor has not yet responded to disclosure.

Technical ContextAI

PyBlade is a Python template engine that implements AST (Abstract Syntax Tree) validation as a security boundary to prevent unsafe template expressions. The vulnerability resides in the _is_safe_ast function within sandbox.py, which is responsible for determining whether template constructs are safe to execute. CWE-1336 (Improper Neutralization of Special Elements Used in a Template Engine) indicates the root cause: the validation logic fails to properly identify and block dangerous template syntax patterns. By crafting malicious AST nodes that evade the safety check, attackers can inject expressions that the template engine will execute without further validation, leading to template injection attacks similar to SSTI (Server-Side Template Injection) vulnerabilities in systems like Jinja2 or Mako.

RemediationAI

No vendor-released patch has been issued at the time of analysis, and the project maintainer has not yet responded to the early disclosure. Users should immediately audit their PyBlade deployments and restrict template input validation until a fix is available. If possible, disable or isolate PyBlade functionality requiring untrusted template input, or implement additional input validation outside the template engine. Monitor the GitHub repository (https://github.com/AntaresMugisho/PyBlade/) and VulDB (https://vuldb.com/vuln/355329) for patch releases. Consider contributing a pull request to address the _is_safe_ast function's validation gaps, or evaluate alternative template engines with more mature security track records if upgrades are not available within your operational timeline.

More in Ssti

View all
CVE-2025-47916 CRITICAL POC
10.0 May 16

Invision Community 5.0.0 through 5.0.6 contains an unauthenticated remote code execution vulnerability in the template e

CVE-2024-6386 CRITICAL POC
9.9 Aug 21

Remote code execution in the WPML WordPress multilingual plugin (versions up to and including 4.6.12) allows Contributor

CVE-2024-23692 CRITICAL POC
9.8 May 31

Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. Rated c

CVE-2025-23211 CRITICAL POC
9.9 Jan 28

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Rated critical seve

CVE-2024-32651 CRITICAL POC
10.0 Apr 26

changedetection.io is an open source web page change detection, website watcher, restock monitor and notification servic

CVE-2024-4040 CRITICAL POC
10.0 Apr 22

A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms all

CVE-2024-24724 CRITICAL POC
9.8 Apr 03

Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSettings.php Server Side Template Injection leading to Re

CVE-2026-28496 CRITICAL POC
9.4 Jun 23

Server-side template injection in FOSSBilling versions prior to 0.8.0 allows authenticated administrators to execute arb

CVE-2025-1040 HIGH POC
8.8 Mar 20

AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection (SSTI) that could lead to Remote C

CVE-2023-6709 HIGH POC
8.8 Dec 12

Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository mlflow/mlflow prior to 2.9.2.

CVE-2022-0896 HIGH POC
8.8 Mar 09

Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository microweber/microweber prior t

CVE-2024-54954 HIGH POC
8.0 Feb 10

OneBlog v2.3.6 was discovered to contain a template injection vulnerability via the template management department. Rate

Share

CVE-2026-5559 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy