CVE-2025-46059 – Langchain-ai GmailToolkit Arbitrary Code Execution Vulnerability

CVE ID : CVE-2025-46059

Published : July 29, 2025, 3:15 p.m. | 2 hours, 11 minutes ago

Description : langchain-ai v0.3.51 was discovered to contain an indirect prompt injection vulnerability in the GmailToolkit component. This vulnerability allows attackers to execute arbitrary code and compromise the application via a crafted email message.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…