CVE-2025-49619 — Vulnetix

CVE-2025-49619 PUBLISHED CVSS 8.5 HIGH

Skyvern through 0.1.85 is vulnerable to server-side template injection (SSTI) in the Prompt field of workflow blocks such as the Navigation v2 Block. Improper sanitization of Jinja2 template input allows authenticated users to inject crafted expressions that are evaluated on the server, leading to blind remote code execution (RCE).

EPSS 73.54% · 98.8th percentile

Risk Scores

CVSS 3.1

8.5

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

EPSS Score

73.54%

98.8th percentile

Affected Products

Vendor	Product	Versions
PyPI	skyvern	0, 0
Skyvern	Skyvern	0, 0

Exploit Intelligence

(crowdsec)
This script exploits CVE-2025-49619 in Skyvern to execute a reverse shell command. (github-poc)
This script exploits CVE-2025-49619 in Skyvern to execute a reverse shell command. (github-poc)
This script exploits CVE-2025-49619 in Skyvern to execute a reverse shell command. (github-poc)
This script exploits CVE-2025-49619 in Skyvern to execute a reverse shell command. (github-poc)
This script exploits CVE-2025-49619 in Skyvern to execute a reverse shell command. (github-poc)
This script exploits CVE-2025-49619 in Skyvern to execute a reverse shell command. (github-poc)
This script exploits CVE-2025-49619 in Skyvern to execute a reverse shell command. (github-poc)
This script exploits CVE-2025-49619 in Skyvern to execute a reverse shell command. (github-poc)
This script exploits CVE-2025-49619 in Skyvern to execute a reverse shell command. (github-poc)

…and 55 more exploits

Timeline

Jan 21, 1970 VulnCheck XDB Entry
Jan 21, 1970 Exploit-DB Entry
Oct 11, 2022 CrowdSec Sighting
Feb 7, 2023 CrowdSec Sighting
Aug 15, 2024 CrowdSec Sighting
Jun 7, 2025 CVE Published
Jun 7, 2025 PoC Published
Jun 8, 2025 EPSS Score
Jun 15, 2025 Exploit-DB Entry
Jun 16, 2025 Coalition ESS Score
Jun 16, 2025 PoC Published
Jun 17, 2025 CVE Updated

References

Open in Interactive Console →