{"data":{"id":"d3b68c11-5781-4b9d-9800-913de3ae7230","title":"CVE-2024-5184: The EmailGPT service contains a prompt injection vulnerability. The service uses an API service that allows a malicious ","summary":"EmailGPT has a prompt injection vulnerability (a technique where attackers hide malicious instructions in their input to trick the AI) that allows anyone with access to the service to manipulate it into leaking its internal system prompts or executing unintended commands. Attackers can exploit this by submitting specially crafted requests that trick the service into providing harmful information or performing actions it wasn't designed to do.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2024-5184","publishedAt":"2024-06-05T18:15:11.993Z","cveId":"CVE-2024-5184","cweIds":["CWE-74","CWE-74"],"cvssScore":"6.5","cvssSeverity":"medium","severity":"medium","attackType":["prompt_injection"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["EmailGPT"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00107,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}