All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-0685
CRITICALpublished 2026-06-26 16:16 UTC · 2 days ago · modified 2026-06-26 20:05 UTC
9.8
CVSS / 10
// description
Server side template inject (SSTI) in the expression evaluation component in Genshi Template Engine version 0.7.9 allows a remote attacker to achieve remote code execution (RCE) via crafted template expressions.
// cvss 3.1 vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H