CWE-1336 · Improper Neutralization of Special Elements Used in a Template Engine
179 CVEs classified under CWE-1336 (Improper Neutralization of Special Elements Used in a Template Engine). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2025-53833 | Critical | 10.0 | 2025-07-14 | LaRecipe is an application that allows users to create documentation with Markdown inside a Laravel app. Versions prior to 2.8.1 are vulnerable to Server-Side… |
| CVE-2025-47916 | Critical | 10.0 | 2025-05-16 | Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php. The issue lies within the themeeditor contr… |
| CVE-2025-46661 | Critical | 10.0 | 2025-04-28 | IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution because smartyValidator.php enables the attacker to provide template expressions… |
| CVE-2024-32651 | Critical | 10.0 | 2024-04-26 | changedetection.io is an open source web page change detection, website watcher, restock monitor and notification service. There is a Server Side Template Inje… |
| CVE-2026-45312 | Critical | 9.9 | 2026-05-29 | RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In 0.24.0 and earlier, a Jinja2 template injection in the prompt generator (rag/prompts/… |
| CVE-2026-9558 | Critical | 9.9 | 2026-05-29 | A Server-Side Template Injection (SSTI) vulnerability exists in Mautic's theme engine. The platform renders uploaded Twig templates without a sandbox or strict… |
| CVE-2026-33897 | Critical | 9.9 | 2026-03-26 | Incus is a system container and virtual machine manager. Prior to version 6.23.0, instance template files can be used to cause arbitrary read or writes as root… |
| CVE-2026-1868 | Critical | 9.9 | 2026-02-09 | GitLab has remediated a vulnerability in the Duo Workflow Service component of GitLab AI Gateway affecting all versions of the AI Gateway from 18.1.6, 18.2.6… |
| CVE-2025-14700 | Critical | 9.9 | 2025-12-17 | An input neutralization vulnerability in the Webhook Template component of Crafty Controller allows a remote, authenticated attacker to perform remote code exe… |
| CVE-2025-32461 | Critical | 9.9 | 2025-04-09 | wikiplugin_includetpl in lib/wiki-plugins/wikiplugin_includetpl.php in Tiki before 28.3 mishandles input to an eval. The fixed versions are 21.12, 24.8, 27.2… |
| CVE-2025-23211 | Critical | 9.9 | 2025-01-28 | Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. A Jinja2 SSTI vulnerability allows any user to execute com… |
| CVE-2024-12583 | Critical | 9.9 | 2025-01-04 | The Dynamics 365 Integration plugin for WordPress is vulnerable to Remote Code Execution and Arbitrary File Read in all versions up to, and including, 1.3.23 v… |
| CVE-2024-6386 | Critical | 9.9 | 2024-08-21 | The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.6.12 via Twig Server-Side Template Injection. This… |
| CVE-2026-54390 | Critical | 9.8 | 2026-06-18 | JTL Shop versions 5.2.0 through 5.7.1 contains a server-side template injection vulnerability that allows unauthenticated attackers to inject malicious templat… |
| CVE-2026-45697 | Critical | 9.8 | 2026-05-29 | Formie is a Craft CMS plugin for creating forms. Prior to 2.2.20 and 3.1.24, unauthenticated users could submit crafted values into Hidden fields (with Default… |
| CVE-2026-33654 | Critical | 9.8 | 2026-03-27 | nanobot is a personal AI assistant. Prior to version 0.1.6, an indirect prompt injection vulnerability exists in the email channel processing module (`nanobot/… |
| CVE-2026-27641 | Critical | 9.8 | 2026-02-25 | Flask-Reuploaded provides file uploads for Flask. A critical path traversal and extension bypass vulnerability in versions prior to 1.5.0 allows remote attacke… |
| CVE-2026-25526 | Critical | 9.8 | 2026-02-04 | JinJava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Prior to versions 2.7.6 and 2.8.3, JinJava is vulne… |
| CVE-2025-64087 | Critical | 9.8 | 2026-01-20 | A Server-Side Template Injection (SSTI) vulnerability in the FreeMarker component of opensagres XDocReport v1.0.0 to v2.1.0 allows attackers to execute arbitra… |
| CVE-2026-21450 | Critical | 9.8 | 2026-01-02 | Bagisto is an open source laravel eCommerce platform. Versions prior to 2.3.10 are vulnerable to server-side template injection via type parameter, which can l… |
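The pattern behind every entry in this table is the same: untrusted text ends up in the template *source* instead of in the template *data*, so the engine interprets it as template syntax. Several rows name Jinja2, so the added example below uses it to show the weakness next to two remediations. It is illustrative code written for this page, not code from any of the listed projects; it assumes the `jinja2` package is installed, and the inputs (the classic `{{ 7 * 7 }}` probe and an attribute-walk payload) are constructed here.

```python
"""CWE-1336 in Jinja2: vulnerable pattern, fixed pattern, and a sandbox.

Added example for this page; not code from any listed project.
Assumes the jinja2 package is available.
"""
from jinja2 import Environment
from jinja2.exceptions import SecurityError
from jinja2.sandbox import SandboxedEnvironment

# Constructed sample inputs (not taken from any advisory above).
BENIGN = "Alice"
ARITH_PROBE = "{{ 7 * 7 }}"  # classic SSTI detection probe: renders "49" if interpreted
# Walks from a string literal to the Python class tree; on an unsandboxed
# engine this is the first step towards reaching os / subprocess.
ESCAPE_PROBE = "{{ ''.__class__.__mro__[1].__subclasses__() }}"


def render_vulnerable(name: str) -> str:
    """CWE-1336: the untrusted value is concatenated INTO the template source.

    Anything that looks like template syntax in `name` is executed by the engine.
    """
    env = Environment()
    return env.from_string("Hello " + name + "!").render()


def render_fixed(name: str) -> str:
    """Neutralized: the template source is a constant, the value is only data.

    The engine never parses `name`; with autoescape on, HTML metacharacters are
    escaped too. Note that `{` and `}` are not HTML-escaped, so the braces come
    back verbatim, which is exactly what we want.
    """
    env = Environment(autoescape=True)
    return env.from_string("Hello {{ name }}!").render(name=name)


def render_sandboxed_user_template(template_source: str) -> str:
    """For features where users legitimately author templates (theme editors,
    webhook templates): a sandbox refuses the attribute walks used for RCE.

    SandboxedEnvironment rejects access to underscore-prefixed attributes such
    as `__class__`, raising SecurityError when the template touches them.
    """
    env = SandboxedEnvironment()
    try:
        return env.from_string(template_source).render()
    except SecurityError as exc:
        return f"blocked: {exc}"


def ssti_probe(render) -> bool:
    """Black-box check: does the render path evaluate template expressions?

    Returns True when the arithmetic probe is evaluated (i.e. the sink is
    vulnerable), False when the braces survive untouched.
    """
    return "49" in render(ARITH_PROBE)


if __name__ == "__main__":
    print(render_vulnerable(BENIGN))          # Hello Alice!
    print(render_vulnerable(ARITH_PROBE))     # Hello 49!  <- expression evaluated
    print(render_fixed(ARITH_PROBE))          # Hello {{ 7 * 7 }}!  <- treated as text
    print("vulnerable sink:", ssti_probe(render_vulnerable))
    print("fixed sink:", ssti_probe(render_fixed))
    print(render_sandboxed_user_template(ARITH_PROBE))   # 49 (harmless arithmetic still works)
    print(render_sandboxed_user_template(ESCAPE_PROBE))  # blocked: access to attribute ...
```

The `ssti_probe` helper is the same arithmetic check a pentester sends to a suspected sink; it is only a detector, since a "49" in the response proves evaluation but not the engine. The sandbox is the right tool only when users are *supposed* to write templates; for ordinary "show the user's name" rendering, the fix is always `render_fixed`: keep the template constant and pass input as context.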