HIGH
Handlebarsjs
CVE published 2026-03-27
CVE-2026-33940
CVE-2026-33940 is a high-severity vulnerability in Handlebars, a popular templating engine for Node.js. The vulnerability allows for template injection attacks, enabling attackers to execute arbitrary code on the server. This issue affects Handlebars versions 4.0.0 through 4.7.8 and is patched in version 4.7.9. The vulnerability is caused by a crafted object in the template context that can bypass conditi [truncated]