KEV Entry
CVE-2022-29078
Known Exploited Vulnerability Entry External Catalog
Entry Details
Confirmed Exploited2026-06-06 00:00 UTC
Timestamps
2026-06-06
2026-06-06
Scope
KEVIntel entry: The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js allows server-side template injection in settings[view... | Affected: mde / ejs | CVSS: 9.8 (CRITICAL) | EPSS: 0.30623 | Used in malware: unknown | Not yet in CISA KEV: True
References
- {'id': 'CVE-2022-29078', 'url': 'https://www.cve.org/CVERecord?id=CVE-2022-29078'}
- {'id': 'kevintel', 'url': 'https://kevintel.com/vuln/CVE-2022-29078'}
b5002c90-55f8-4078-a7a0-f44884bc1071
caeb2787-0d58-4236-9039-7c86c3e566f3
2026-06-19 12:42 UTC
2026-06-19 12:42 UTC
Evidence
1| Type | Source | Signal | Confidence | Details | GCVE Metadata |
|---|---|---|---|---|---|
| public_report | kevintel | successful_exploitation | 0.70 |
View details
|
- |