Medium osv · GHSA-92j5-3459-qgp4

LangChain vulnerable to arbitrary code execution

Published Aug 15, 2023 CVSS 4.0

An issue in Harrison Chase langchain before version 0.0.236 allows a remote attacker to execute arbitrary code via the from_math_prompt and from_colored_object_prompt functions.

Remote Code Execution

Affected AI Products

langchain

View original source

Get the weekly digest. Every Monday: top AI security stories of the week. Free.