Medium osv · GHSA-7gfq-f96f-g85j

langchain vulnerable to arbitrary code execution

Published Aug 22, 2023 CVSS 4.0

An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via the via the a json file to the load_prompt parameter. This is related to __subclasses__ or a template.

Remote Code Execution

Affected AI Products

langchain

View original source

Get the weekly digest. Every Monday: top AI security stories of the week. Free.