5.3

PyBlade Template Engine Allows Remote Hackers to Inject Malicious Code

CVE-2026-5559
Summary

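A security issue has been found in the template engine of PyBlade, a Python library used for creating web pages. The flaw is in the AST validation performed by the function _is_safe_ast in sandbox.py, which does not properly neutralize special elements used in templates. If exploited, remote attackers could inject malicious code into web pages, potentially leading to unauthorized actions. The issue has been reported, but the developers have not yet responded or fixed it. Users should update to a patched version as soon as one is available.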

Original title
A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected element is the function _is_safe_ast of the file sandbox.py of the component AST Validation. Such mani...
Original description
A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected element is the function _is_safe_ast of the file sandbox.py of the component AST Validation. Such manipulation leads to improper neutralization of special elements used in a template engine. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
NVD CVSS 2.0: 6.5
NVD CVSS 3.1: 6.3
NVD CVSS 4.0: 5.3
Vulnerability type
CWE-791
CWE-1336
Published: 5 Apr 2026 · Updated: 5 Apr 2026 · First seen: 5 Apr 2026