Gửi #779122: PromtEngineer localGPT Latest (commit 4d41c7d) LLM Prompt Injection via Unsanitized User Inputthông tin

tiêu đềPromtEngineer localGPT Latest (commit 4d41c7d) LLM Prompt Injection via Unsanitized User Input
Mô tảA critical prompt injection vulnerability exists in the AI routing mechanism that allows attackers to manipulate the Large Language Model's behavior by injecting malicious instructions through user queries. The application directly embeds unsanitized user input into system prompts without any input validation, escaping, or output verification. This enables attackers to extract sensitive information, manipulate AI responses, bypass routing logic, and potentially chain with other vulnerabilities to achieve complete system compromise.
Nguồn⚠️ https://github.com/August829/CVEP/issues/9
Người dùng
 Yu_Bao (UID 89348)
Đệ trình13/03/2026 02:21 (cách đây 4 các tháng)
Kiểm duyệt27/03/2026 14:49 (15 days later)
Trạng tháiđược chấp nhận
Mục VulDB353889 [PromtEngineer localGPT đến 4d41c7d1713b16b216d8e062e51a5dd88b20b054 LLM Prompt backend/server.py _route_using_overviews nâng cao đặc quyền]
điểm20

Want to stay up to date on a daily basis?

Enable the mail alert feature now!