CVE-2024-45989

Published: Sep 26, 2024

Modified: Sep 27, 2024

PUBLISHED

Description

Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. A prompt injection allows an attacker to modify chatbot answer with an unloaded image that exfiltrates the user's sensitive chat data of the current session to a malicious third-party or attacker-controlled server.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://monica.im/desktop

https://github.com/soursec/CVEs/tree/main/CVE-2024-45989

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-45989

Description

Affected Products

References