Arbitrary Code Execution Risk in Giskard Framework for AI Models
CVE-2026-40320

5.4 MEDIUM

Key Information:

Vendor: Giskard-ai
CVE Published: 17 April 2026

What is CVE-2026-40320?

Giskard, an open-source framework for testing AI models, has a serious vulnerability in its ConformityCheck class. In versions prior to 1.0.2b1, the class renders the rule parameter with Jinja2's Template constructor. A crafted rule string from an untrusted source is therefore evaluated as a template, potentially leading to arbitrary code execution. Exploitation requires write access to the check definition, followed by execution of the test suite. The issue is fixed in version 1.0.2b1.
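A defender's check for the pattern described above, as an added example (not code from Giskard or from this advisory): a static scan built on Python's `ast` module that flags `jinja2` `Template(...)` calls whose template source is not a string literal. The `SAMPLE` source and the function name `find_dynamic_templates` are constructed for illustration.

```python
import ast

# Constructed sample, not Giskard's source: one call renders a caller-supplied
# string as a template, the other renders a fixed literal.
SAMPLE = '''
import jinja2
from jinja2 import Template as T

def render_rule(rule, context):
    return T(rule).render(**context)

def banner():
    return jinja2.Template("Suite: {{ name }}").render(name="demo")
'''

def find_dynamic_templates(source):
    """Return (line, argument) for each jinja2 Template(...) call whose template
    source (first positional argument or source=...) is not a string literal."""
    tree = ast.parse(source)
    modules, ctors = set(), set()  # local names bound to jinja2 / jinja2.Template
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            modules |= {a.asname or a.name for a in node.names if a.name == "jinja2"}
        elif isinstance(node, ast.ImportFrom) and node.module == "jinja2":
            ctors |= {a.asname or a.name for a in node.names if a.name == "Template"}
    findings = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        f = node.func
        is_ctor = (isinstance(f, ast.Name) and f.id in ctors) or (
            isinstance(f, ast.Attribute) and f.attr == "Template"
            and isinstance(f.value, ast.Name) and f.value.id in modules)
        if not is_ctor:
            continue
        src = node.args[0] if node.args else next(
            (k.value for k in node.keywords if k.arg == "source"), None)
        literal = isinstance(src, ast.Constant) and isinstance(src.value, str)
        if src is not None and not literal:
            findings.append((node.lineno, ast.unparse(src)))
    return sorted(findings)

if __name__ == "__main__":
    for line, arg in find_dynamic_templates(SAMPLE):
        print(f"line {line}: Template({arg}) renders a non-literal string")
```

A finding is a review prompt, not proof of a vulnerability: what matters is whether the flagged argument can be written by someone who should not be able to run code in the process that executes the test suite.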

Affected Version(s)

giskard-oss < 1.0.2b1

CVSS V4

Score: 5.4
Severity: MEDIUM
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved
