CVE-2026-0685

CRITICAL 9.8

Server side template inject (SSTI) in Edgewall Genshi Template Engine

CVSS Score

9.8

EPSS Score

0.0%

EPSS Percentile

0th

Server side template inject (SSTI) in the expression evaluation component in Genshi Template Engine version 0.7.9 allows a remote attacker to achieve remote code execution (RCE) via crafted template expressions.

Vendor	edgewall genshi
Product	genshi
Published	Jun 26, 2026
Last Updated	Jun 26, 2026

Stay Ahead of the Next One

Get instant alerts for edgewall genshi genshi

Be the first to know when new critical vulnerabilities affecting edgewall *genshi* genshi are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Edgewall *Genshi* / Genshi

0 ≤ 0.7.9

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/edgewall/genshi/ kb.cert.org: https://www.kb.cert.org/vuls/id/244846

CVE-2026-0685

Server side template inject (SSTI) in Edgewall Genshi Template Engine

Get instant alerts for edgewall *genshi* genshi

Affected Versions

References

Get instant alerts for edgewall genshi genshi