PT-2026-21491 · Datapizza · Datapizza-Ai

Edoardottt · Published 2026-02-22 · Updated 2026-02-23 · CVE-2026-2969

CVSS v3.1: 7.2 High

Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

datapizza-labs datapizza-ai version 0.0.2

Description

A flaw exists in the Jinja2 Template Handler component of datapizza-ai. The ChatPromptTemplate function in the file datapizza-ai-core/datapizza/modules/prompt/prompt.py improperly neutralizes special elements used in a template engine, and the flaw is triggered by manipulating the Prompt argument. The attack can be carried out remotely. The exploit has been published. The vendor was contacted but did not respond.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
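
With no fixed version listed, one mitigation at the call site is to keep untrusted text out of template source and to render in Jinja2's sandbox. The following is an added example, not datapizza-ai code and not part of this advisory; it assumes the handler builds a Jinja2 template from the prompt string, and TRUSTED_TEMPLATE, render_trusted and render_untrusted_template are hypothetical names.

```python
# Added example: hypothetical helper names; requires the jinja2 package.
from jinja2 import StrictUndefined
from jinja2.exceptions import SecurityError, TemplateError
from jinja2.sandbox import ImmutableSandboxedEnvironment

# Fixed, developer-authored template (constructed sample). Untrusted text is
# only ever passed in as a variable value, never as template source.
TRUSTED_TEMPLATE = "System: answer briefly.\nUser: {{ user_input }}"

# The sandbox blocks access to underscore-prefixed and other unsafe attributes.
# StrictUndefined turns such a blocked lookup into an error at render time
# instead of silently rendering an empty string.
_env = ImmutableSandboxedEnvironment(undefined=StrictUndefined)


def render_trusted(user_input: str) -> str:
    """Render the fixed template; user_input is data and is not re-parsed."""
    return _env.from_string(TRUSTED_TEMPLATE).render(user_input=user_input)


def render_untrusted_template(template_source: str, **variables) -> str:
    """Render template source that comes from outside, inside the sandbox.

    Raises ValueError when the sandbox rejects the template or the template
    is invalid (syntax error, undefined variable).
    """
    try:
        return _env.from_string(template_source).render(**variables)
    except SecurityError as exc:
        raise ValueError(f"template rejected by sandbox: {exc}") from exc
    except TemplateError as exc:
        raise ValueError(f"invalid template: {exc}") from exc
```

The sandbox is a second layer: the primary control is that only render_trusted is reachable from user input, so template delimiters in that input stay literal text.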

Related Identifiers

CVE-2026-2969
GHSA-Q5XX-FXV3-XXQF

Affected Products

Datapizza-Ai