Known Vulnerabilities for Jinja2 by Pocoo
Listed below are 3 of the newest known vulnerabilities associated with "Jinja2" by "Pocoo".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-45312 json | RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In 0.24.0 and earlier, a Jinja2 template injection in ... | Not Provided | 2026-05-29 | 2026-06-02 |
| CVE-2026-44209 json | Banks generates meaningful LLM prompts using a template language that makes sense. Prior to 2.4.2, banks uses jinja2.Environm... | Not Provided | 2026-05-26 | 2026-06-30 |
| CVE-2026-40602 json | The Home Assistant Command-line interface (hass-cli) is a command-line tool for Home Assistant. Up to 1.0.0 of home-assitant-... | Not Provided | 2026-04-21 | 2026-04-21 |
| CVE-2026-40320 json | Giskard is an open-source testing framework for AI models. In versions prior to 1.0.2b1, the ConformityCheck class rendered t... | Not Provided | 2026-04-17 | 2026-04-20 |
| CVE-2026-33235 json | AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In... | Not Provided | 2026-06-24 | 2026-06-25 |
| CVE-2026-29514 json | NetBox versions 4.3.5 through 4.5.4 contain a remote code execution vulnerability in the RenderTemplateMixin.get_environment_... | Not Provided | 2026-05-04 | 2026-05-21 |
| CVE-2026-5760 json | SGLang's reranking endpoint (/v1/rerank) achieves Remote Code Execution (RCE) when a model file containing a malcious tokeniz... | Not Provided | 2026-04-20 | 2026-04-29 |
| CVE-2019-8341 json | ** DISPUTED ** An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (S... | 9.8 - CRITICAL | 2019-02-15 | 2023-11-07 |
| CVE-2014-1402 json | Not Provided | 2014-05-19 | 2026-05-06 | |
| CVE-2014-0012 json | Not Provided | 2014-05-19 | 2026-05-06 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Pocoo | Jinja2 | 2.9.6 | |||
| Application | Pocoo | Jinja2 | 2.9.5 | |||
| Application | Pocoo | Jinja2 | 2.9.4 | |||
| Application | Pocoo | Jinja2 | 2.9.3 | |||
| Application | Pocoo | Jinja2 | 2.9.2 | |||
| Application | Pocoo | Jinja2 | 2.9.1 | |||
| Application | Pocoo | Jinja2 | 2.9 | |||
| Application | Pocoo | Jinja2 | 2.8.1 | |||
| Application | Pocoo | Jinja2 | 2.8 | |||
| Application | Pocoo | Jinja2 | 2.7.3 | |||
| Application | Pocoo | Jinja2 | 2.7.2 | |||
| Application | Pocoo | Jinja2 | 2.7.1 | |||
| Application | Pocoo | Jinja2 | 2.7 | |||
| Application | Pocoo | Jinja2 | 2.6 | |||
| Application | Pocoo | Jinja2 | 2.5.5 | |||
| Application | Pocoo | Jinja2 | 2.5.4 | |||
| Application | Pocoo | Jinja2 | 2.5.3 | |||
| Application | Pocoo | Jinja2 | 2.5.2 | |||
| Application | Pocoo | Jinja2 | 2.5.1 | |||
| Application | Pocoo | Jinja2 | 2.5 |