CVE-2025-6518 | PySpur-Dev pyspur up to 0.1.18 Jinja2 Template single_llm_call.py SingleLLMCallNode user_message special elements used in a template engine (Issue 289)

A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected is the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/single_llm_call.py of the component Jinja2 Template Handler. The manipulation of the argument user_message leads to improper neutralization of special elements used in a template engine.

This vulnerability is traded as CVE-2025-6518. It is possible to launch the attack remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More