Description
Thymeleaf is a server-side Java template engine for web and standalone environments. Prior to 3.1.5.RELEASE, a security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf. Although the library provides mechanisms to avoid the execution of potentially dangerous expressions in some specific sandboxed (restricted) contexts, it fails to properly neutralize specific constructs that allow this kind of expressions to be executed. If an application developer passes to the template engine unsanitized variables that contain such expressions, and these values are used in sandboxed contexts inside the templates, these expressions can be executed achieving Server-Side Template Injection (SSTI). This vulnerability is fixed in 3.1.5.RELEASE.
Published: 2026-05-12
Score: 9 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability is caused by a flaw in the expression execution mechanism of Thymeleaf prior to version 3.1.5.RELEASE. When templates are configured in sandboxed or restricted mode, the engine is supposed to neutralize dangerous expressions. Instead, it fails to recognize certain unauthorized syntax patterns, allowing those expressions to run. The result is Server‑Side Template Injection, which can compromise confidentiality, integrity, and availability by enabling arbitrary code execution on the server.

Affected Systems

Affected products include the Thymeleaf template engine from the software vendor Thymeleaf. All releases prior to 3.1.5.RELEASE are vulnerable, including any web or standalone applications that embed Thymeleaf and utilize sandboxed contexts. The vulnerability applies to all Java applications that integrate Thymeleaf without applying the patch.

Risk and Exploitability

The CVSS score of 9 indicates high severity, and the lack of an EPSS score means current exploit probability data is not available, but high severity still warrants attention. The vulnerability is not listed in the CISA KEV catalog. The attack vector is inferred to be remote, as attackers can inject malicious expressions through unsanitized user input that is later processed by a sandboxed template. Successful exploitation can lead to execution of arbitrary code, data exfiltration, and denial‑of‑service.

Generated by OpenCVE AI on May 12, 2026 at 23:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Thymeleaf to version 3.1.5.RELEASE or later to eliminate the vulnerable expression handling.
  • Remove any use of unsanitized user input in sandboxed template contexts; ensure all variables passed to templates are thoroughly validated and sanitized.
  • If an immediate upgrade is not possible, consider disabling sandboxed mode or restricting template rendering to trusted input until the patch is applied.

Generated by OpenCVE AI on May 12, 2026 at 23:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-c9ph-gxww-7744 Sandboxed Thymeleaf expressions vulnerable to improper recognition of unauthorized syntax patterns
History

Wed, 13 May 2026 00:30:00 +0000

Type Values Removed Values Added
First Time appeared Thymeleaf
Thymeleaf thymeleaf
Vendors & Products Thymeleaf
Thymeleaf thymeleaf

Tue, 12 May 2026 22:45:00 +0000

Type Values Removed Values Added
Description Thymeleaf is a server-side Java template engine for web and standalone environments. Prior to 3.1.5.RELEASE, a security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf. Although the library provides mechanisms to avoid the execution of potentially dangerous expressions in some specific sandboxed (restricted) contexts, it fails to properly neutralize specific constructs that allow this kind of expressions to be executed. If an application developer passes to the template engine unsanitized variables that contain such expressions, and these values are used in sandboxed contexts inside the templates, these expressions can be executed achieving Server-Side Template Injection (SSTI). This vulnerability is fixed in 3.1.5.RELEASE.
Title Thymeleaf: Improper recognition of unauthorized syntax patterns in sandboxed Thymeleaf expressions
Weaknesses CWE-1336
CWE-917
References
Metrics cvssV3_1

{'score': 9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H'}

Subscriptions

Thymeleaf Thymeleaf
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-12T22:35:50.617Z

Reserved: 2026-04-22T15:11:54.672Z

Link: CVE-2026-41901

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-12T23:16:17.060

Modified: 2026-05-12T23:16:17.060

Link: CVE-2026-41901

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-13T00:15:27Z

Weaknesses