CVE-2026-2969 | datapizza-labs datapizza-ai 0.0.2 Jinja2 Template prompt.py ChatPromptTemplate Prompt special elements used in a template engine

A vulnerability identified as critical has been detected in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/modules/prompt/prompt.py of the component Jinja2 Template Handler. This manipulation of the argument Prompt causes improper neutralization of special elements used in a template engine.

This vulnerability is registered as CVE-2026-2969. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-2969 | datapizza-labs datapizza-ai 0.0.2 Jinja2 Template prompt.py ChatPromptTemplate Prompt special elements used in a template engine

Post correlati

CVE-2025-9035 | Horato Virtual Library Platform up to 201 cross site scripting

CVE-2025-41350 | Informática del Este WinPlus 24.11.27 Query savesoldoc_post descripcion cross site scripting

CVE-2024-4807 | Kashipara College Management System 1.0 delete_user.php id sql injection

CVE-2024-53245 | Splunk Enterprise/Cloud Platform Username information disclosure (SVD-2024-1203)