{"id":"GHSA-8gff-cf92-72pv","summary":"pyspur Incomplete Filtering of Special Elements allowed by SingleLLMCallNode function","details":"A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected is the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/single_llm_call.py of the component Jinja2 Template Handler. The manipulation of the argument user_message leads to improper neutralization of special elements used in a template engine. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.","aliases":["CVE-2025-6518"],"modified":"2025-06-25T15:12:16.718924Z","published":"2025-06-23T21:31:56Z","database_specific":{"github_reviewed_at":"2025-06-25T14:12:09Z","severity":"LOW","cwe_ids":["CWE-791"],"github_reviewed":true,"nvd_published_at":"2025-06-23T19:15:25Z"},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-6518"},{"type":"WEB","url":"https://github.com/PySpur-Dev/pyspur/issues/289"},{"type":"PACKAGE","url":"https://github.com/PySpur-Dev/pyspur"},{"type":"WEB","url":"https://vuldb.com/?ctiid.313638"},{"type":"WEB","url":"https://vuldb.com/?id.313638"},{"type":"WEB","url":"https://vuldb.com/?submit.593612"}],"affected":[{"package":{"name":"pyspur","ecosystem":"PyPI","purl":"pkg:pypi/pyspur"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"0.1.18"}]}],"versions":["0.0.0","0.1.0","0.1.10","0.1.11","0.1.12","0.1.13","0.1.14","0.1.15","0.1.16","0.1.17","0.1.18","0.1.3","0.1.4","0.1.5","0.1.6","0.1.7","0.1.8","0.1.9"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/06/GHSA-8gff-cf92-72pv/GHSA-8gff-cf92-72pv.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}]}