Loading
JumpServer is an open source bastion host and an operation and maintenance security audit system. a Server-Side Template Injection (SSTI) vulnerability exists in JumpServer's Applet and VirtualApp upload functionality. This vulnerability can only be exploited by users with administrative privileges (Application Applet Management or Virtual Application Management permissions). Attackers can exploit this vulnerability to execute arbitrary code within the JumpServer Core container. The vulnerability arises from unsafe use of Jinja2 template rendering when processing user-uploaded YAML configuration files. When a user uploads an Applet or VirtualApp ZIP package, the manifest.yml file is rendered through Jinja2 without sandbox restrictions, allowing template injection attacks.
Cite this page
CVE-2026-31864. CVEDatabase.com. Retrieved 1 May 2026. https://cvedatabase.com/cve/CVE-2026-31864
Use CWE-1336, Fit2cloud vendor hub and Jumpserver product page to widen CVE-2026-31864 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2024-40629, CVE-2024-40628 and CVE-2024-29202 for nearby disclosures in the same product family.