PyPi: Spacy-Llm

CVE-2025-25362

Safety vulnerability ID: 76319

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Mar 05, 2025 Updated at Apr 02, 2025

Scan your Python projects for vulnerabilities →

Advisory

A Server-Side Template Injection (SSTI) vulnerability in Spacy-LLM v0.7.2 allows attackers to execute arbitrary code via injecting a crafted payload into the template field.

Affected package

spacy-llm

Latest version: 0.7.3

Integrating LLMs into structured NLP pipelines

Affected versions

Fixed versions

Vulnerability changelog

This vulnerability has no description

Resources

https://github.com/advisories/GHSA-793v-gxfp-9q9h
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-25362

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application