CVE-2024-5184: The EmailGPT service contains a prompt injection vulnerability. The service uses an API service that allows a malicious
mediumvulnerabilityLLM-Specific
security
Summary
EmailGPT has a prompt injection vulnerability (a technique where attackers hide malicious instructions in their input to trick the AI) that allows anyone with access to the service to manipulate it into leaking its internal system prompts or executing unintended commands. Attackers can exploit this by submitting specially crafted requests that trick the service into providing harmful information or performing actions it wasn't designed to do.
Vulnerability Details
CVSS Score
6.5(medium)
EPSS (30-day exploit probability)
EPSS: 0.1%
Classification
Attack Type
Prompt Injection
Attack SophisticationTrivial
Impact (CIA+S)
confidentialityintegrity
Affected Vendors
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-5184
First tracked: February 15, 2026 at 08:52 PM
Classified by LLM (prompt v3) · confidence: 92%