Lucene search
+L

8 matches found

Cvelist
Cvelist
added 2025/08/05 12:12 a.m.10 views

CVE-2025-54130 Cursor Agent is vulnerable prompt injection via Editor Special Files

Cursor is a code editor built for programming with AI. Cursor allows writing in-workspace files with no user approval in versions less than 1.3.9. If the file is a dotfile, editing it requires approval but creating a new one doesn't. Hence, if sensitive editor files, such as the...

7.5CVSS0.00262EPSS
Exploits0References1
NVD
NVD
added 2025/07/29 3:15 p.m.9 views

CVE-2025-46059

langchain-ai v0.3.51 was discovered to contain an indirect prompt injection vulnerability in the GmailToolkit component. This vulnerability allows attackers to execute arbitrary code and compromise the application via a crafted email message. NOTE: this is disputed by the Supplier because the...

9.8CVSS0.00702EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 7:30 a.m.9 views

CVE-2024-48141

A prompt injection vulnerability in the chatbox of Zhipu AI CodeGeeX v2.17.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...

7.5CVSS7.1AI score0.00422EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:15 a.m.10 views

CVE-2024-48140

A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica Your AI Copilot powered by ChatGPT4 v6.3.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...

7.5CVSS7.1AI score0.00413EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:15 a.m.8 views

CVE-2024-48145

A prompt injection vulnerability in the chatbox of Netangular Technologies ChatNet AI Version v1.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...

9.1CVSS7.1AI score0.0054EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:33 a.m.8 views

CVE-2024-5565

The Vanna library uses a prompt function to present the user with visualized results, it is possible to alter the prompt using prompt injection and run arbitrary Python code instead of the intended visualization code. Specifically - allowing external input to the library’s “ask” method with...

8.1CVSS7.9AI score0.14956EPSS
Exploits0References1
CVE
CVE
added 2024/10/24 12:0 a.m.58 views

CVE-2024-48145

CVE-2024-48145 is a prompt-injection vulnerability in Netangular Technologies ChatNet AI v1.0 chatbox. The issue allows a crafted message to access and exfiltrate all previous and subsequent chats between a user and the AI assistant. Documents consistently describe the vulnerable component and im...

9.1CVSS7.1AI score0.0054EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/24 12:0 a.m.12 views

CVE-2024-48145

A prompt injection vulnerability in the chatbox of Netangular Technologies ChatNet AI Version v1.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...

7AI score0.0054EPSS
Exploits0References2
Rows per page
Query Builder