VYPR
High severity7.5NVD Advisory· Published Oct 24, 2024· Updated Apr 15, 2026

CVE-2024-48141

CVE-2024-48141

Description

A prompt injection vulnerability in the chatbox of Zhipu AI CodeGeeX v2.17.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Aminer/Codegeexinferred2 versions
    = 2.17.0+ 1 more
    • (no CPE)range: = 2.17.0
    • (no CPE)range: =2.17.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.