MeldSecurity
Press Enter to search
CVE Database & Search →
Sign In Get Started

CVE-2026-2969

🟡 MEDIUM

A flaw has been found in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/modules/prompt/prompt.py of the component Jinja2 Templat...

Published
Feb 23, 2026
Last Modified
Feb 23, 2026
Views
9
Bookmarks
0

Description

Request Expert Review

A flaw has been found in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/modules/prompt/prompt.py of the component Jinja2 Template Handler. This manipulation of the argument Prompt causes improper neutralization of special elements used in a template engine. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Scores

CVSS 3.1 4.7
4.7
MEDIUM
CVSS 2.0 4.7

References

github.com github.com vuldb.com vuldb.com vuldb.com

Additional Information

Source
cna@vuldb.com
State
Received

Related CVEs

CVE-2026-2971

MEDIUM

A vulnerability was found in a466350665 Smart-SSO up to 2.1.1. Affected by this issue is some unknown functionality of the file smart-sso-server/src/m...

Score: 4.3

CVE-2026-2970

MEDIUM

A vulnerability has been found in datapizza-labs datapizza-ai 0.0.2. Affected by this vulnerability is the function RedisCache of the file datapizza-a...

Score: 4.6

CVE-2026-2998

HIGH

ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same di...

Score: 7.8

CVE-2026-2968

LOW

A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mg_chacha20_poly1305_decrypt of the file /src/tls_chacha20.c of...

Score: 3.7

CVE-2026-2967

LOW

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/net_builtin.c of the com...

Score: 3.7

CVE-2026-2997

MEDIUM

Tronclass developed by WisdomGarden has a Insecure Direct Object Reference vulnerability. After obtaining a course ID, authenticated remote attackers...

Score: 5.4

Share CVE-2026-2969

Share on Social Media

Copy Link

Embed Code

Request Expert Analysis

Request a professional security analysis for CVE-2026-2969 from our verified experts.

Credits System

Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!

Add 3 credits for accelerated delivery

Base Cost: 8 credits
Priority Upgrade: + credits
SLA Acceleration: +3 credits
Total Cost:
Your Balance:

Insufficient Credits

You need more credits to submit this request.

Buy Credits

Report Analysis