CVE-2025-6518

Summary

A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected is the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/single_llm_call.py of the component Jinja2 Template Handler. The manipulation of the argument user_message leads to improper neutralization of special elements used in a template engine. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Affected Software

VendorProductVersion RangeStatus
PySpur-Devpyspur0.1.0affected
PySpur-Devpyspur0.1.1affected
PySpur-Devpyspur0.1.2affected
PySpur-Devpyspur0.1.3affected
PySpur-Devpyspur0.1.4affected
PySpur-Devpyspur0.1.5affected
PySpur-Devpyspur0.1.6affected
PySpur-Devpyspur0.1.7affected
PySpur-Devpyspur0.1.8affected
PySpur-Devpyspur0.1.9affected
PySpur-Devpyspur0.1.10affected
PySpur-Devpyspur0.1.11affected
PySpur-Devpyspur0.1.12affected
PySpur-Devpyspur0.1.13affected
PySpur-Devpyspur0.1.14affected
PySpur-Devpyspur0.1.15affected
PySpur-Devpyspur0.1.16affected
PySpur-Devpyspur0.1.17affected
PySpur-Devpyspur0.1.18affected

Weaknesses

  • CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine
  • CWE-791: Incomplete Filtering of Special Elements

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References