{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-41205", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-18T02:51:52.974Z", "datePublished": "2026-04-23T18:52:24.194Z", "dateUpdated": "2026-04-23T20:20:59.107Z"}, "containers": {"cna": {"title": "Mako: Path traversal via double-slash URI prefix in TemplateLookup", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P", "version": "4.0"}}], "references": [{"name": "https://github.com/sqlalchemy/mako/security/advisories/GHSA-v92g-xgxw-vvmm", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/sqlalchemy/mako/security/advisories/GHSA-v92g-xgxw-vvmm"}], "affected": [{"vendor": "sqlalchemy", "product": "mako", "versions": [{"version": "< 1.3.11", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-23T18:52:24.194Z"}, "descriptions": [{"lang": "en", "value": "Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal when a URI starts with // (e.g., //../../../secret.txt). The root cause is an inconsistency between two slash-stripping implementations. Any file readable by the process can be returned as rendered template content when an application passes untrusted input directly to TemplateLookup.get_template(). This vulnerability is fixed in 1.3.11."}], "source": {"advisory": "GHSA-v92g-xgxw-vvmm", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-23T20:20:51.233790Z", "id": "CVE-2026-41205", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-23T20:20:59.107Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-41205", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-23T20:20:51.233790Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-23T20:20:55.667Z"}}], "cna": {"title": "Mako: Path traversal via double-slash URI prefix in TemplateLookup", "source": {"advisory": "GHSA-v92g-xgxw-vvmm", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 7.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "sqlalchemy", "product": "mako", "versions": [{"status": "affected", "version": "< 1.3.11"}]}], "references": [{"url": "https://github.com/sqlalchemy/mako/security/advisories/GHSA-v92g-xgxw-vvmm", "name": "https://github.com/sqlalchemy/mako/security/advisories/GHSA-v92g-xgxw-vvmm", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal when a URI starts with // (e.g., //../../../secret.txt). The root cause is an inconsistency between two slash-stripping implementations. Any file readable by the process can be returned as rendered template content when an application passes untrusted input directly to TemplateLookup.get_template(). This vulnerability is fixed in 1.3.11."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-23T18:52:24.194Z"}}}, "cveMetadata": {"cveId": "CVE-2026-41205", "state": "PUBLISHED", "dateUpdated": "2026-04-23T20:20:59.107Z", "dateReserved": "2026-04-18T02:51:52.974Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-23T18:52:24.194Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sqlalchemy:mako:*:*:*:*:*:*:*:*", "matchCriteriaId": "2653BBE1-C0D8-4375-8CC0-B7713D560924", "versionEndExcluding": "1.3.11", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal when a URI starts with // (e.g., //../../../secret.txt). The root cause is an inconsistency between two slash-stripping implementations. Any file readable by the process can be returned as rendered template content when an application passes untrusted input directly to TemplateLookup.get_template(). This vulnerability is fixed in 1.3.11."}], "id": "CVE-2026-41205", "lastModified": "2026-04-28T19:14:56.553", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-23T19:17:29.270", "references": [{"source": "security-advisories@github.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://github.com/sqlalchemy/mako/security/advisories/GHSA-v92g-xgxw-vvmm"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "mako: python: Mako: Information disclosure via path traversal vulnerability", "id": "2461244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461244"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.9", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-22", "details": ["A flaw was found in Mako, a Python template library. This vulnerability, known as path traversal, allows an attacker to access files outside of the intended directory. By providing a specially crafted input to the TemplateLookup.get_template() function, a remote attacker can exploit an inconsistency in how the system handles URIs starting with //. This could lead to the disclosure of sensitive information from any file readable by the affected application."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue, applications utilizing the Mako template library must validate and sanitize all input before passing it to the `TemplateLookup.get_template()` function. Implementing robust input validation routines within applications will prevent specially crafted URIs from traversing outside intended directories and accessing sensitive files."}, "name": "CVE-2026-41205", "package_state": [{"cpe": "cpe:/a:redhat:migration_toolkit_applications:8", "fix_state": "Fix deferred", "package_name": "mta/mta-solution-server-rhel9", "product_name": "Migration Toolkit for Applications 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "resource-agents", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-mlflow-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-training-cuda128-torch29-py312-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Fix deferred", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Fix deferred", "package_name": "quay/quay-rhel9", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Fix deferred", "package_name": "satellite/iop-host-inventory-rhel9", "product_name": "Red Hat Satellite 6"}], "public_date": "2026-04-23T18:52:24Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-41205\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-41205\nhttps://github.com/sqlalchemy/mako/security/advisories/GHSA-v92g-xgxw-vvmm"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.3.11)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "mako", "source": "cna", "vendor": "sqlalchemy"}, "product": "mako", "vendor": "sqlalchemy"}], "analysis": {"en": {"generated_at": "2026-04-28T07:31:16.829416+00:00", "value": {"mitigation_remediation": ["Upgrade Mako to version 1.3.11 or later", "Validate or sanitize any user input that is passed to TemplateLookup.get_template() to prevent double\u2011slash prefixes", "Configure TemplateLookup to restrict allowed directories and deny access to files outside the intended template path"], "summary": {"action": "Apply Patch", "impact": "Remote File Disclosure"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the Mako library distributed by the SQLAlchemy group. Any installation of Mako prior to version 1.3.11 is affected. Administrators should verify whether their applications depend on Mako and determine the exact version in use. The fix is implemented in Mako 1.3.11 and newer releases. ", "description_and_impact": "Mako, a Python template library, contains a path traversal flaw in TemplateLookup.get_template() before version 1.3.11. When a template URI begins with a double slash (//), two different slash\u2011stripping mechanisms diverge, allowing an attacker to craft a URI such as //../../../secret.txt that resolves outside the configured template directory. Any file readable by the running process can be retrieved and rendered as template content, exposing sensitive data to unauthenticated users. The weakness is a classic directory traversal (CWE\u201122) and can lead to confidentiality compromise at a system level. ", "risk_and_exploitability": "The CVSS score of 7.7 indicates a high severity impact. The EPSS score of less than 1% suggests that current exploitation activity is low but still possible. The vulnerability is not listed in the CISA KEV catalog. Attackers are likely to exploit this flaw from a remote web application that trusts user-supplied URIs and forwards them to TemplateLookup.get_template(); the attack does not require elevated privileges and can retrieve any file readable by the application process."}}}}, "created": "2026-04-27T19:15:11.634900+00:00", "updated": "2026-04-28T07:45:26.023559+00:00", "vendors": ["sqlalchemy", "sqlalchemy$PRODUCT$mako"]}