Vulnerability in Giskard-ai Giskard-oss
CVE-2026-34172
Giskard is an open-source Python library for testing and evaluating agentic systems. Prior to versions 0.3.4 and 1.0.2b1, ChatWorkflow.chat(message) passes its string argument directly as a Jinja2 template source to a non-sandboxed Environ…
EPSS: 0.003 (56.7th percentile)
Affected products
- Giskard-ai Giskard-oss, versions < 0.3.4; versions >= 1.0.1a1 and < 1.0.2b1
Weakness classification (CWE)
References
- https://github.com/Giskard-AI/giskard-oss/security/advisories/GHSA-frv4-x25r-588m (x_refsource_CONFIRM)