Name of the Vulnerable Software and Affected Versions:

langchain-ai version 0.3.51

Description:

An indirect prompt injection vulnerability exists in the GmailToolkit component. This vulnerability allows attackers to execute arbitrary code and compromise the application via a crafted email message.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.