CVE-2026-25526: JinJava Bypass through ForTag leads to Arbitrary Java Execution

Vulnerability Type: Sandbox Bypass / Remote Code Execution

Affected Component: Jinjava

Affected Users:

• Organizations using HubSpot’s Jinjava template rendering engine for user-provided template content
• Any system that renders untrusted Jinja templates using HubSpot’s Jinjava implementation
• Users with the ability to create or edit custom code templates

Severity: Critical - allows arbitrary Java class instantiation and file access bypassing built-in sandbox restrictions

Root Cause: Multiple security bypass vulnerabilities in Jinjava’s sandbox mechanism:

1. ForTag Property Access Bypass: The ForTag class does not enforce JinjavaBeanELResolver restrictions when iterating over object properties using Introspector.getBeanInfo() and invoking getter methods via PropertyDescriptor.getReadMethod()

2. Restricted Class Instantiation: The sandbox’s type allowlist can be bypassed by using ObjectMapper to instantiate classes through JSON deserialization, including creating new JinjavaELContext and JinjavaConfig instances

Attack Vector: An attacker with the ability to create or edit Jinja templates can:

• Access arbitrary getter methods on objects in the template context
• Instantiate ObjectMapper to enable default typing
• Create arbitrary Java classes by bypassing type allowlists
• Read files from the server filesystem (demonstrated with /etc/passwd)
• Potentially execute arbitrary code