CVE-2026-0685
Awaiting Analysis Awaiting Analysis - Queue

Server-Side Template Injection in Genshi 0.7.9 Leads to RCE

Vulnerability report for CVE-2026-0685, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-26

Last updated on: 2026-06-26

Assigner: CERT/CC

Description

Server side template inject (SSTI) in the expression evaluation component in Genshi Template Engine version 0.7.9 allows a remote attacker to achieve remote code execution (RCE) via crafted template expressions.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-26
Last Modified
2026-06-26
Generated
2026-07-16
AI Q&A
2026-06-26
EPSS Evaluated
2026-07-15
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
edgewall genshi 0.7.9

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-0685 is a Server-Side Template Injection (SSTI) vulnerability in the Genshi Template Engine version 0.7.9. Genshi evaluates template expressions using Python's 'eval()' and 'exec()' functions, which allows fallback access to Python built-in objects if a variable is not found in the template data.

An attacker who can control template expressions can exploit this behavior to execute arbitrary Python code on the server. This happens because Genshi processes expressions like ${…} through an internal evaluation mechanism that can access functions such as 'globals()' and 'import', enabling the attacker to chain calls and achieve remote code execution.

Detection Guidance

Detection of this Server-Side Template Injection (SSTI) vulnerability involves identifying if untrusted input is being evaluated by the Genshi template engine using Python's eval() or exec() functions. Since the vulnerability arises from crafted template expressions that lead to remote code execution, detection can focus on monitoring template inputs and outputs for suspicious expressions.

Specific commands are not provided in the available resources. However, general detection methods may include:

  • Reviewing application logs for template expressions containing suspicious Python built-in functions like globals(), import, or eval.
  • Using network monitoring tools to detect unusual outbound connections or command execution attempts originating from the server running Genshi.
  • Testing the application with crafted template expressions to see if arbitrary code execution is possible, for example by injecting payloads that attempt to execute system commands.
Impact Analysis

This vulnerability can have severe impacts because it allows remote code execution (RCE) on the affected server with the privileges of the running application.

  • Execution of arbitrary operating system commands.
  • Deployment of reverse shells or web shells to maintain persistent access.
  • Unauthorized access to sensitive data stored or processed by the server.
  • Full compromise of the affected server, potentially leading to further attacks within the network.
Compliance Impact

The vulnerability allows remote code execution on the affected server, which can lead to unauthorized access to sensitive data and full system compromise.

Such unauthorized access and potential data breaches can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive personal and health information.

Organizations using the vulnerable Genshi Template Engine without proper mitigations risk violating these regulations due to the possibility of data exposure or system compromise.

Mitigation Strategies

Immediate mitigation steps for this vulnerability include preventing untrusted users from controlling template expressions and avoiding the use of eval() or exec() on untrusted input within the Genshi template engine.

  • Restrict access to Python built-in functions during template evaluation to prevent attackers from chaining calls to execute arbitrary code.
  • Render user-defined templates in a hardened sandbox environment to limit the impact of malicious template expressions.
  • Monitor and audit template inputs to ensure they do not contain malicious expressions.
  • Since no official patch is available as of the publication date, consider applying application-level controls to restrict template expression inputs.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-0685. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart