Detections
Analytics
CVE-2026-0685
No Score
Description
A Server-Side Template Injection (SSTI) vulnerability exists in the Genshi template engine due to unsafe evaluation of template expressions. Genshi processes template expressions using Python’s 'eval()’ and ‘exec()’ functions while allowing fallback access to Python built-in objects. If an attacker can influence template expressions, this behavior can result in arbitrary code execution on the server.