Cybersecurity researchers have disclosed a high-severity security flaw in the Vanna.AI library that could be exploited to achieve remote code execution vulnerability via prompt injection techniques.
The vulnerability, tracked as CVE-2024-5565 (CVSS score: 8.1), relates to a case of prompt injection in the “ask” function that could be exploited to trick the library into executing arbitraryRead More

Prompt Injection Flaw in Vanna AI Exposes Databases to RCE Attacks [email protected] (The Hacker News)
by
Tags:
