CVE-2025-46059

🗓️ 29 Jul 2025 00:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 16 Views

langchain-ai v0.3.51 has an indirect prompt injection vulnerability in GmailToolkit allowing code execution.

Reporter	Title	Published	Views	Family All 11
IBM Security Bulletins	Security Bulletin: Vulnerability in langchain_core affects IBM watsonx Orchestrate with watsonx Assistant Cartridge	9 Sep 202509:22	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM watsonx Code Assistant On Prem	12 Nov 202507:25	–	ibm
Circl	CVE-2025-46059	29 Jul 202517:01	–	circl
CNNVD	LangChain 安全漏洞	29 Jul 202500:00	–	cnnvd
Cvelist	CVE-2025-46059	29 Jul 202500:00	–	cvelist
EUVD	EUVD-2025-23002	3 Oct 202520:07	–	euvd
NVD	CVE-2025-46059	29 Jul 202515:15	–	nvd
OSV	CVE-2025-46059	29 Jul 202515:15	–	osv
Positive Technologies	PT-2025-31216 · Unknown · Langchain-Ai +1	29 Jul 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-46059	29 Jul 202518:15	–	redhatcve

Source	Link
github	www.github.com/Jr61-star/CVEs/blob/main/CVE-2025-46059.md
python	www.python.langchain.com/docs/security/
github	www.github.com/langchain-ai/langchain/issues/30833
github	www.github.com/langchain-ai/langchain-community/issues/217

15 Apr 2026 00:35Current

7.9High risk

Vulners AI Score7.9

CVSS 3.19.8

EPSS0.00262

SSVC