CVE-2025-25362

Publication date

2025-03-05 00:00:00

Family

mitre

State

PUBLISHED

Description

A Server-Side Template Injection (SSTI) vulnerability in Spacy-LLM v0.7.2 allows attackers to execute arbitrary code via injecting a crafted payload into the template field.