The Vanna AI library has been found to have a vulnerability (CVE-2024-5565) that could allow for remote code execution (RCE) due to a prompt injection issue related to the Plotly script.