Skip to main content

Genshi

1 CVEs product

Monthly

CVE-2026-0685 CRITICAL Act Now

Server-side template injection in Edgewall's Genshi template engine (versions 0 through 0.7.9) lets a remote attacker reach the expression-evaluation component and run arbitrary Python code on the host. Because Genshi evaluates template expressions as Python, any application that feeds attacker-controlled input into a Genshi expression can be driven to full remote code execution. No public exploit identified at time of analysis, and the issue is not on the CISA KEV list; EPSS data was not provided.

RCE Genshi
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
EPSS 1% CVSS 9.8
CRITICAL Act Now

Server-side template injection in Edgewall's Genshi template engine (versions 0 through 0.7.9) lets a remote attacker reach the expression-evaluation component and run arbitrary Python code on the host. Because Genshi evaluates template expressions as Python, any application that feeds attacker-controlled input into a Genshi expression can be driven to full remote code execution. No public exploit identified at time of analysis, and the issue is not on the CISA KEV list; EPSS data was not provided.

RCE Genshi
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy