Vulnerability Information Identifier: CVE-2026-2969 Vendor/Product: datapizza-labs datapizza-ai 0.0.2 Component: Jinja2 Template Handler File Affected: datapizza-ai-core/datapizza/modules/prompt/prompt.py Vulnerability Type: CWE-1336 (Improper Neutralization of Special Elements Used in a Template Engine) CVSS Meta Temp Score: 6.7 Exploit Price: $0-$5k CTI Interest Score: 4.48 Summary A critical vulnerability was found in datapizza-labs datapizza-ai 0.0.2. The issue affects the function chatPromptTemplate within the Jinja2 Template Handler. Manipulating the argument leads to improper neutralization of special elements in the template engine, allowing remote execution. Details The vulnerability enables an attacker to insert or process externally-influenced input that can be interpreted as template expressions or code directives, impacting confidentiality, integrity, and availability. The vendor was contacted but did not respond.