Server Side Template Injection in Genshi Template Engine
CVE-2026-0685

Currently unrated

Key Information:

Vendor: Edgewall *genshi*
Status: Genshi
Vendor: CVE Published:; 26 June 2026

🔔 Create Edgewall *genshi* Vulnerability Alert

What is CVE-2026-0685?

A server side template injection (SSTI) vulnerability exists in Genshi Template Engine version 0.7.9, which allows remote attackers to execute arbitrary code on the server by leveraging crafted template expressions. This could lead to severe security risks, enabling unauthorized access and control over the affected system.

Affected Version(s)

Genshi 0 <= 0.7.9

References

https://github.com/edgewall/genshi/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 26, 2026
Vulnerability Reserved
Jan 7, 2026

CVE-2026-0685 Data

JSON