9.9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.7%
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include from_math_prompt and from_colored_object_prompt.
langchain.com
github.com/hwchase17/langchain
github.com/langchain-ai/langchain/issues/5872