CWE-1336 (Improper Neutralization of Special Elements Used in a Template Engine) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.
The product uses a template engine to insert or process externally-influenced input, but it does not neutralize or incorrectly neutralizes special elements or syntax that can be interpreted as template expressions or other code directives when processed by the engine.
| Kind | Name | Class | Prevalence | OS / CPE |
|---|---|---|---|---|
| language | Java | — | Undetermined | — |
| language | PHP | — | Undetermined | — |
| language | Python | — | Undetermined | — |
| language | JavaScript | — | Undetermined | — |
| language | — | Interpreted | Undetermined | — |
| operating_system | — | Not OS-Specific | Undetermined | — |
| technology | — | Not Technology-Specific | Undetermined | — |
| technology | AI/ML | — | Undetermined | — |
| technology | — | Client Server | Undetermined | — |
These CVEs are mapped to this weakness in this database and kept for traceability and search.
| CVE | Published | Summary |
|---|---|---|
| CVE-2026-41065 | 2026-06-04 | Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 are vulnerable to remote code execution via the newsletter custom template directory feature. On… |
| CVE-2026-34906 | 2026-06-02 | Server-Side Template Injection (SSTI) in Wirtualna Uczelnia allows an unauthenticated attacker to perform Remote Code Execution (RCE). In the endpoint redirectToUrl and parameter redirectUrlParameter,… |
| CVE-2026-42252 | 2026-06-01 | Apache Airflow's official documentation at `core-concepts/dag-run.html` ("Passing Parameters when triggering Dags") showed a verbatim `BashOperator(bash_command="echo value: {{ dag_run.conf['conf1'] }… |
| CVE-2026-45697 | 2026-05-29 | Formie is a Craft CMS plugin for creating forms. Prior to 2.2.20 and 3.1.24, unauthenticated users could submit crafted values into Hidden fields (with Default value → Custom) that were evaluated as T… |
| CVE-2026-49382 | 2026-05-29 | In JetBrains IntelliJ IDEA before 2026.1 code execution was possible via template injection in the Copyright plugin |
| CVE-2026-45312 | 2026-05-29 | RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In 0.24.0 and earlier, a Jinja2 template injection in the prompt generator (rag/prompts/generator.py) allows any authenticated us… |
| CVE-2026-9558 | 2026-05-29 | A Server-Side Template Injection (SSTI) vulnerability exists in Mautic's theme engine. The platform renders uploaded Twig templates without a sandbox or strict function restrictions. Authenticated use… |
| CVE-2026-44209 | 2026-05-26 | Banks generates meaningful LLM prompts using a template language that makes sense. Prior to 2.4.2, banks uses jinja2.Environment() (unsandboxed) to render prompt templates. Applications that pass user… |
| CVE-2026-44723 | 2026-05-26 | Vowpal Wabbit is a machine learning system. The workflow .github/workflows/python_checks.yml embeds ${{ github.event.pull_request.title }} directly inside double-quoted bash strings in four separate s… |
| CVE-2026-9498 | 2026-05-25 | A vulnerability has been found in Dromara lamp-cloud up to 5.6.2. Impacted is the function GroovyClassLoader.parseClass of the component Message Template Handler. Such manipulation of the argument Def… |
| CVE-2025-40900 | 2026-05-19 | An Angular template injection vulnerability was discovered in the Reports functionality due to improper validation of an input parameter. An authenticated user with report privileges can define a mali… |
| CVE-2026-29207 | 2026-05-19 | Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.… |
| CVE-2026-8740 | 2026-05-17 | A flaw has been found in Sanluan PublicCMS 5.202506.d. The impacted element is the function execute of the file publiccms-core/src/main/java/com/publiccms/views/directive/tools/TemplateResultDirective… |
| CVE-2026-45714 | 2026-05-13 | CubeCart is an ecommerce software solution. Prior to 6.7.0, an Authenticated Server-Side Template Injection (SSTI) vulnerability exists in multiple modules of CubeCart (including Email Templates, Invo… |
| CVE-2026-44377 | 2026-05-13 | CubeCart is an ecommerce software solution. Prior to 6.7.0, an Authenticated Server-Side Template Injection (SSTI) vulnerability exists in multiple modules of CubeCart (including Email Templates and D… |
| CVE-2026-41901 | 2026-05-12 | Thymeleaf is a server-side Java template engine for web and standalone environments. Prior to 3.1.5.RELEASE, a security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf.… |
| CVE-2026-41713 | 2026-05-12 | A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may… |
| CVE-2026-44129 | 2026-05-08 | SEPPmail Secure Email Gateway before version 15.0.4 contains a server-side template injection vulnerability in the new GINA UI because an endpoint accepts attacker-controlled template, allowing remote… |
| CVE-2026-44916 | 2026-05-08 | In OpenStack Ironic before 35.0.2 (in a certain non-default configuration), instance_info['ks_template'] is rendered without sandboxing. |
| CVE-2026-42203 | 2026-05-08 | LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.80.5 to before version 1.83.7, the POST /prompts/test endpoint accepted user-supplied prompt templa… |
| Date | Name | Version | Importance | Comment |
|---|---|---|---|---|
| 2022-06-28 | CWE Content Team | 4.8 | — | updated Maintenance_Notes, Relationships |
| 2023-04-27 | CWE Content Team | 4.11 | — | updated Relationships |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |
| 2024-07-16 | CWE Content Team | 4.15 | — | updated Applicable_Platforms, Observed_Examples |
| 2025-12-11 | CWE Content Team | 4.19 | — | updated Applicable_Platforms, Detection_Factors, Weakness_Ordinalities |
| 2026-04-30 | CWE Content Team | 4.20 | — | updated Relationships |