PT-2026-50605 · Maven · com.github.jknack:handlebars

Published: 2026-06-17 · Updated: 2026-06-17 · CVE-2026-55760

CVSS v3.1: 7.5 (High)

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact

Any application that passes user-controlled input to Handlebars.compile() while using a FileTemplateLoader (or ClassPathTemplateLoader) is exposed to arbitrary file read through path traversal: a template name carrying traversal sequences such as ../ is resolved relative to the loader's prefix and escapes the template directory (with ClassPathTemplateLoader the reachable targets are classpath resources rather than files on disk). This is a realistic attack surface, since web applications commonly take template names from URL path segments, request parameters or other user-controlled sources.

Patches

com.github.jknack:handlebars:4.5.2

Workarounds

Validate any template name derived from user input before it reaches the loader: resolve the name against the loader's prefix directory and reject it unless the canonical result still lies inside that directory. The check must canonicalise the resolved file (File.getPath() leaves ../ segments in place, so "prefix/../etc/passwd" would still start with the prefix) and must compare against the prefix plus a trailing separator (otherwise a sibling directory such as "templates-private" passes for a prefix of "templates"). With prefix and location in scope:

```java
File base = new File(prefix).getCanonicalFile();
File file = new File(base, location).getCanonicalFile();
// Canonical comparison on both sides: ".." segments and symlinks are resolved first
if (!file.getPath().startsWith(base.getPath() + File.separator)) {
    throw new IOException("Path traversal attempt detected: " + location);
}
```
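As an added example covering both the attack surface described under Impact and the workaround above (this is not code from the advisory or from the handlebars.java project): a request-parameter-driven renderer in its vulnerable form beside a hardened one that combines a name allowlist with the canonical-path check. The template directory /srv/app/templates, the method names renderUnsafe and renderSafe, the parameter name "page" and the attacker payload are assumptions for illustration.

```java
import com.github.jknack.handlebars.Handlebars;
import com.github.jknack.handlebars.Template;
import com.github.jknack.handlebars.io.FileTemplateLoader;

import java.io.File;
import java.io.IOException;
import java.util.Map;
import java.util.regex.Pattern;

// Added example, not code from handlebars.java or from this advisory.
// Assumptions: templates live under /srv/app/templates (hypothetical path) and the
// template name arrives from an HTTP request parameter named "page".
public class TemplateNameGuard {

    static final File TEMPLATE_DIR = new File("/srv/app/templates");

    // Allowlist for template names: no separators and no dots, so a traversal
    // sequence such as "../" cannot be expressed at all.
    static final Pattern SAFE_NAME = Pattern.compile("^[A-Za-z0-9_-]{1,64}$");

    // Vulnerable pattern (CVE-2026-55760): the request value is handed to compile()
    // unchanged, and FileTemplateLoader resolves it relative to TEMPLATE_DIR, so a
    // name containing "../" segments escapes the template directory.
    static String renderUnsafe(String page, Map<String, Object> ctx) throws IOException {
        Handlebars hb = new Handlebars(new FileTemplateLoader(TEMPLATE_DIR.getPath(), ".hbs"));
        Template t = hb.compile(page);
        return t.apply(ctx);
    }

    // Hardened pattern: reject anything that is not a bare name, then confirm the
    // canonical target is still inside the template directory before compiling.
    static String renderSafe(String page, Map<String, Object> ctx) throws IOException {
        if (page == null || !SAFE_NAME.matcher(page).matches()) {
            throw new IOException("Rejected template name: " + page);
        }
        File base = TEMPLATE_DIR.getCanonicalFile();
        File target = new File(base, page + ".hbs").getCanonicalFile();
        // getCanonicalFile() resolves ".." and symlinks; the trailing separator stops
        // a sibling such as /srv/app/templates-private from passing as a prefix match.
        if (!target.getPath().startsWith(base.getPath() + File.separator)) {
            throw new IOException("Path traversal attempt detected: " + page);
        }
        Handlebars hb = new Handlebars(new FileTemplateLoader(base.getPath(), ".hbs"));
        return hb.compile(page).apply(ctx);
    }

    public static void main(String[] args) throws IOException {
        Map<String, Object> ctx = Map.of("user", "alice");
        // Constructed attacker input: a traversal payload in the "page" parameter.
        String attack = "../../../../etc/passwd";
        try {
            renderSafe(attack, ctx);
        } catch (IOException e) {
            System.out.println("blocked: " + e.getMessage());
        }
        // A legitimate name; requires /srv/app/templates/welcome.hbs to exist.
        System.out.println(renderSafe("welcome", ctx));
    }
}
```

The allowlist is the primary control: it never lets user input form a path at all. The canonical check behind it is defence in depth for the cases the regex does not cover on its own (a symlink inside the template directory pointing elsewhere, a future caller that skips the regex, or a prefix-sibling directory), and it is the same check the workaround above applies inside the loader. Neither replaces upgrading to 4.5.2.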

Fix

Path traversal, fixed in com.github.jknack:handlebars 4.5.2 (see Patches).


Weakness Enumeration

Path traversal (CWE-22)

Related Identifiers

CVE-2026-55760
GHSA-R4GV-QR8J-P3PG

Affected Products

com.github.jknack:handlebars