Medium osv · GHSA-prgp-w7vf-ch62

LangChain vulnerable to arbitrary code execution

Published Aug 15, 2023 CVSS 4.0

An issue in langchain langchain-ai before version 0.0.325 allows a remote attacker to execute arbitrary code via a crafted script to the PythonAstREPLTool._run component.

Remote Code Execution

Affected AI Products

langchain

View original source

Get the weekly digest. Every Monday: top AI security stories of the week. Free.