Overview
A Server-Side Template Injection (SSTI) vulnerability exists in the Genshi template engine due to unsafe evaluation of template expressions. Genshi processes template expressions using Python’s ‘eval()’ and ‘exec()’ functions while allowing fallback access to Python built-in objects. If an attacker can influence template expressions, this behavior can result in arbitrary code execution on the server.
Description
Genshi is a Python library developed by Edgewall. It provides an integrated set of components for parsing, generating, and processing HTML, XML, or other textual content for output generation on the web. Genshi is mostly used to render dynamic web pages in Python web frameworks.
Genshi evaluates template expressions, such as ${…}, through an internal expression evaluation mechanism implemented in Genshi’s ‘eval.py’. During expression evaluation, variable resolution is performed by the ‘lookupname()’ method. If a variable is not found in the provided template data, Genshi falls back to resolving the name from Python’s built-in namespace. This namespace includes powerful built-in functions such as ‘globals()’ and ‘import’. As a result, when an attacker can control or inject template expressions, they may access Python built-in functions and chain them to achieve arbitrary code execution.
Impact
If an attacker can influence or inject template expressions, this vulnerability allows arbitrary code execution with the privileges of the running application. Potential impacts include executing operating system commands, deploying reverse shells or web shells, unauthorized access to sensitive data, or full compromise of the affected server. This issue effectively turns SSTI into Remote Code Execution (RCE).
Solution
At the time of publication, Genshi has not released an update addressing this issue. Until an official patch or guidance is provided by the vendor, the following mitigations are recommended:
- Do not allow untrusted users to control template expressions or template sources. Templates must be treated as executable code.
- Restrict or eliminate access to Python built-ins during template evaluation.
- Avoid using ‘eval()’ or ‘exec()’ on dynamically constructed expressions when untrusted input is involved.
- If user-defined templates are required, render them in a hardened sandbox environment.
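The following is an added example, not code from Genshi or from this note, that models the name-lookup behavior described above and contrasts it with the second and third mitigations. The weak evaluator lets any name missing from the template data fall through to Python’s full built-in namespace, which is the pattern the advisory warns about; the restricted evaluator replaces that fallback with an explicit allow-list (the ‘SAFE_BUILTINS’ table and the function names here are assumptions chosen for illustration) and refuses dunder names and attributes before evaluation.

```python
"""Model of a template-expression evaluator with and without a
built-in-namespace fallback. Stand-alone illustration only; it is not
Genshi's eval.py and does not reproduce its internals."""
import ast
import builtins

# Constructed allow-list: the only built-ins a template expression may use.
SAFE_BUILTINS = {
    "len": len, "str": str, "int": int, "float": float,
    "min": min, "max": max, "sorted": sorted, "enumerate": enumerate,
}


def evaluate_with_builtin_fallback(expr, data):
    """Weak pattern: a name that is absent from the template data is
    resolved from Python's builtins module, because eval() installs the
    full module into any globals dict that lacks '__builtins__'."""
    code = compile(ast.parse(expr, mode="eval"), "<template-expr>", "eval")
    return eval(code, {}, dict(data))


def _check_ast(tree):
    """Reject syntax that a template expression never legitimately needs."""
    for node in ast.walk(tree):
        if isinstance(node, ast.Attribute) and node.attr.startswith("__"):
            raise ValueError(f"dunder attribute {node.attr!r} is not allowed")
        if isinstance(node, ast.Name) and node.id.startswith("__"):
            raise ValueError(f"dunder name {node.id!r} is not allowed")
        if isinstance(node, ast.Lambda):
            raise ValueError("lambda expressions are not allowed")


def evaluate_restricted(expr, data):
    """Hardened pattern: the builtins fallback is replaced by SAFE_BUILTINS,
    so an unknown name raises NameError instead of resolving to a built-in,
    and dunder access is refused before the expression is compiled."""
    tree = ast.parse(expr, mode="eval")
    _check_ast(tree)
    code = compile(tree, "<template-expr>", "eval")
    scope = {"__builtins__": SAFE_BUILTINS}  # no fallback to the real module
    return eval(code, scope, dict(data))


def is_rejected(expr, data):
    """True when the restricted evaluator refuses the expression."""
    try:
        evaluate_restricted(expr, data)
    except (NameError, ValueError):
        return True
    return False


if __name__ == "__main__":
    ctx = {"items": [1, 2, 3], "title": "genshi"}
    print(evaluate_with_builtin_fallback("len(items)", ctx))   # 3
    # With the fallback, an unknown name quietly resolves to a built-in.
    print(type(evaluate_with_builtin_fallback("globals()", {})))  # <class 'dict'>
    print(evaluate_restricted("title.upper()", ctx))           # GENSHI
    print(is_rejected("globals()", {}))                        # True
    print(is_rejected("title.__class__", ctx))                 # True
```

Restricting built-ins and filtering the syntax tree narrows the exposed surface but is not a complete sandbox for ‘eval()’-based engines; the first mitigation, never letting untrusted users control template sources or expressions, remains the primary control.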
Acknowledgements
Thanks to the reporter Jangwoo Choe. This document was written by Michael Bragg.
Vendor Information
References
Other Information
| CVE IDs: | CVE-2026-0685 |
| API URL: | VINCE JSON | CSAF |
| Date Public: | 2026-01-20 |
| Date First Published: | 2026-01-20 |
| Date Last Updated: | 2026-01-20 16:41 UTC |
| Document Revision: | 4 |