cbcvebase.
CVE-2024-5565
published 2024-05-31

CVE-2024-5565: The Vanna library uses a prompt function to present the user with visualized results, it is possible to alter the prompt using prompt injection and run…

PriorityP262high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
EPSS
14.96%
96.3th percentile
The Vanna library uses a prompt function to present the user with visualized results, it is possible to alter the prompt using prompt injection and run arbitrary Python code instead of the intended visualization code. Specifically - allowing external input to the library’s “ask” method with "visualize" set to True (default behavior) leads to remote code execution.

Affected

1 ranges
VendorProductVersion rangeFixed in
vanna-aivanna0 – 0.5.5

Detection & IOCsextracted from sources · hover to see the quote

  • CVE-2024-5565 is cited as a documented real-world prompt injection vulnerability; treat any external/untrusted input passed to Vanna's ask() as a potential injection vector.
  • ·The attack is a prompt injection — the malicious payload is delivered via natural language input to the LLM, not a traditional code injection path, meaning standard input validation and WAF rules are insufficient on their own.
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.