Please submit vulnerability discoveries to our bug bounty program: https://hackerone.com/hubspot
Security: HubSpot/jinjava
Security
SECURITY.md
-
Arbitrary Java Execution via JinJava Bypass through ForTagGHSA-gjx9-j8f8-7j74 published
Feb 3, 2026 by jasmith-hsCritical -
Sandbox Bypass via JavaType-Based DeserializationGHSA-m49c-g9wr-hv6v published
Sep 17, 2025 by jasmith-hsCritical
Learn more about advisories related to HubSpot/jinjava in the GitHub Advisory Database