CVE-2026-0685

CRITICAL NVD

CVSS Score 9.8

Severity CRITICAL

Published Jun 26, 2026

Vendor unknown

Description

Server side template inject (SSTI) in the expression evaluation component in Genshi Template Engine version 0.7.9 allows a remote attacker to achieve remote code execution (RCE) via crafted template expressions.

References

https://github.com/edgewall/genshi/
https://www.kb.cert.org/vuls/id/244846