EUVD-2025-23002

Malicious code in bioql PyPI...

CVE-2025-46059

langchain-ai v0.3.51 was discovered to contain an indirect prompt injection vulnerability in the GmailToolkit component. This vulnerability allows attackers to execute arbitrary code and compromise the application via a crafted email message. NOTE: this is disputed by the Supplier because the...

CVE-2025-46059

langchain-ai v0.3.51 was discovered to contain an indirect prompt injection vulnerability in the GmailToolkit component. This vulnerability allows attackers to execute arbitrary code and compromise the application via a crafted email message. NOTE: this is disputed by the Supplier because the...

LangChain 安全漏洞

LangChain is a LangChain open source framework for developing applications powered by the Large Language Model LLM. A security vulnerability exists in LangChain version v0.3.51, which stems from an indirect prompt injection in the GmailToolkit component that could lead to the execution of arbitra...

CVE-2025-46059

CVE-2025-46059 involves langchain-ai v0.3.51 with an indirect prompt injection in the GmailToolkit component that could enable code execution via a crafted email. The supplier disputes the code-execution claim, noting the issue stemmed from user-written code not following LangChain security pract...

PT-2025-31216 · Unknown · Langchain-Ai +1

Name of the Vulnerable Software and Affected Versions: langchain-ai version 0.3.51 Description: langchain-ai version 0.3.51 contains an indirect prompt injection vulnerability in the GmailToolkit component. This vulnerability allows attackers to execute arbitrary code and compromise the applicati...

CVE-2025-46059

langchain-ai v0.3.51 was discovered to contain an indirect prompt injection vulnerability in the GmailToolkit component. This vulnerability allows attackers to execute arbitrary code and compromise the application via a crafted email message. NOTE: this is disputed by the Supplier because the...