langchain-ai v0351 was discovered to contain an indirect prompt injection vulnerability in the

链接： https://github.com/advisories/GHSA-3g6x-vq45-v2jv

CVSS 评分： 9.8

参考链接：

https://nvd.nist.gov/vuln/detail/CVE-2025-46059
https://github.com/langchain-ai/langchain/issues/30833
https://github.com/Jr61-star/CVEs/blob/main/CVE-2025-46059.md
https://github.com/advisories/GHSA-3g6x-vq45-v2jv

描述：

langchain-ai v0.3.51 was discovered to contain an indirect prompt injection vulnerability in the GmailToolkit component. This vulnerability allows attackers to execute arbitrary code and compromise the application via a crafted email message.

安全公告

#Github Advisory

langchain-ai v0351 was discovered to contain an indirect prompt injection vulnerability in the

http://example.com/2025/07/29/github_2465238278/

作者

lianccc

发布于

2025年7月29日

许可协议

The Memos application, up to version v0243, allows for the embedding of markdown images with 上一篇

SharePoint 反序列化远程代码执行漏洞下一篇