CVE-2024-41950
Published: 31 July 2024
Summary
CVE-2024-41950 is a high-severity Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) vulnerability. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Python (T1059.006); ranked in the top 13.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as NLP and Transformers; in the Other ATLAS/OWASP Terms risk domain; MITRE ATLAS techniques in scope: AML.T0037.000.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-2367
Vulnerability details
Haystack is an end-to-end LLM framework that allows you to build applications powered by LLMs, Transformer models, vector search and more. Haystack clients that let their users create and run Pipelines from scratch are vulnerable to remote code executions. Certain…
more
Components in Haystack use Jinja2 templates, if anyone can create and render that template on the client machine they run any code. The vulnerability has been fixed with Haystack `2.3.1`.
- CWE(s)
AI Security AnalysisAI
- AI Category
- NLP and Transformers
- Risk Domain
- Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Haystack is an end-to-end LLM framework for building applications powered by LLMs, Transformer models, and vector search, aligning with NLP and Transformers category.
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The CVE describes a remote code execution vulnerability in Haystack clients via user-controlled Jinja2 templates, enabling template injection (T1221), Python execution (T1059.006), and client-side exploitation (T1203).
MITRE ATLAS TechniquesAI
MITRE ATLAS techniques
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.