CVE-2024-5826
published 2024-06-27CVE-2024-5826: In the latest version of vanna-ai/vanna, the `vanna.ask` function is vulnerable to remote code execution due to prompt injection. The root cause is the lack of…
PriorityP262critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
0.88%
54.4th percentile
In the latest version of vanna-ai/vanna, the `vanna.ask` function is vulnerable to remote code execution due to prompt injection. The root cause is the lack of a sandbox when executing LLM-generated code, allowing an attacker to manipulate the code executed by the `exec` function in `src/vanna/base/base.py`. This vulnerability can be exploited by an attacker to achieve remote code execution on the app backend server, potentially gaining full control of the server.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vanna-ai | vanna | 0 – 0.6.2 | — |
| vanna-ai | vanna-ai_vanna | unspecified – latest | — |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vendor_redhat7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
vanna vulnerable to remote code execution caused by prompt injection
ghsa·2024-06-27
CVE-2024-5826 [CRITICAL] CWE-94 vanna vulnerable to remote code execution caused by prompt injection
vanna vulnerable to remote code execution caused by prompt injection
In the latest version of vanna-ai/vanna, the `vanna.ask` function is vulnerable to remote code execution due to prompt injection. The root cause is the lack of a sandbox when executing LLM-generated code, allowing an attacker to manipulate the code executed by the `exec` function in `src/vanna/base/base.py`. This vulnerability can be exploited by an attacker to achieve remote code execution on the app backend server, potentially gaining full control of the server.
OSV
vanna vulnerable to remote code execution caused by prompt injection
osv·2024-06-27
CVE-2024-5826 [CRITICAL] vanna vulnerable to remote code execution caused by prompt injection
vanna vulnerable to remote code execution caused by prompt injection
In the latest version of vanna-ai/vanna, the `vanna.ask` function is vulnerable to remote code execution due to prompt injection. The root cause is the lack of a sandbox when executing LLM-generated code, allowing an attacker to manipulate the code executed by the `exec` function in `src/vanna/base/base.py`. This vulnerability can be exploited by an attacker to achieve remote code execution on the app backend server, potentially gaining full control of the server.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-06-27
Published