CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

35 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-0110

Malicious code in bioql PyPI...

9.8CVSS9AI score0.11195EPSS

Exploits2References8

Github Security Blog•added 2023/10/09 9:30 p.m.•35 views

langchain_experimental vulnerable to arbitrary code execution via PALChain in the python exec method

langchainexperimental aka LangChain Experimental in LangChain before 0.0.306 allows an attacker to bypass the CVE-2023-36258 fix and execute arbitrary code via import in Python code, which is not prohibited by palchain/base.py...

9.8CVSS9.6AI score0.00118EPSS

Exploits0References6Affected Software1

OSV•added 2023/10/09 8:15 p.m.•0 views

PYSEC-2023-194

langchainexperimental 0.0.14 allows an attacker to bypass the CVE-2023-36258 fix and execute arbitrary code via the PALChain in the python exec method...

9.8CVSS7.6AI score0.00118EPSS

Exploits0References2

PyPA•added 2023/10/09 8:15 p.m.•4 views

PYSEC-2023-194

langchainexperimental 0.0.14 allows an attacker to bypass the CVE-2023-36258 fix and execute arbitrary code via the PALChain in the python exec method...

9.8CVSS7.9AI score0.00741EPSS

Exploits1References2Affected Software1

CVE•added 2023/10/09 12:0 a.m.•164 views

CVE-2023-44467

LangChain Experimental (langchain_experimental) in LangChain versions before 0.0.306 is documented to bypass the prior CVE-2023-36258 fix and enable arbitrary code execution via import in Python code, not prohibited by pal_chain/base.py. Nessus notes even older builds (

9.8CVSS9.5AI score0.00118EPSS

In wildExploits0References1Affected Software1

OSV•added 2023/08/05 3:30 a.m.•1 views

GHSA-GWQQ-6VQ7-5J86 langchain Code Injection vulnerability

An issue in Harrison Chase langchain allows an attacker to execute arbitrary code via the PALChain,frommathpromptllm.run in the python exec method...

9.8CVSS6.2AI score0.03155EPSS

Exploits1References11

Github Security Blog•added 2023/08/05 3:30 a.m.•49 views

langchain Code Injection vulnerability

An issue in Harrison Chase langchain allows an attacker to execute arbitrary code via the PALChain,frommathpromptllm.run in the python exec method...

9.8CVSS7.8AI score0.03155EPSS

Exploits1References11Affected Software1

NVD•added 2023/08/05 3:15 a.m.•8 views

CVE-2023-36095

An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...

9.8CVSS9.7AI score0.03155EPSS

Exploits1References3

OSV•added 2023/08/05 3:15 a.m.•10 views

CVE-2023-36095

9.8CVSS8AI score

Exploits0References3

ATTACKERKB•added 2023/08/05 3:15 a.m.•2 views

CVE-2023-36095

9.8CVSS6.1AI score0.03155EPSS

Exploits1References4

PyPA•added 2023/08/05 3:15 a.m.•4 views

PYSEC-2023-138

9.8CVSS8AI score0.03155EPSS

Exploits1References5Affected Software1

Prion•added 2023/08/05 3:15 a.m.•11 views

Design/Logic Flaw

7.5CVSS9.7AI score0.03155EPSS

Exploits1References3Affected Software1

OSV•added 2023/08/05 3:15 a.m.•1 views

PYSEC-2023-138

9.8CVSS7.5AI score0.03155EPSS

Exploits1References3

Positive Technologies•added 2023/08/05 12:0 a.m.•2 views

PT-2023-25427 · Harrison Chase · Langchain

Name of the Vulnerable Software and Affected Versions: Harrison Chase langchain version 0.0.194 Description: The issue allows an attacker to execute arbitrary code via the python exec calls in the PALChain. Affected functions include from math prompt and from colored object prompt, specifically...

9.8CVSS9.5AI score0.03155EPSS

Exploits1References14

Vulnrichment•added 2023/08/05 12:0 a.m.•14 views

CVE-2023-36095

7.7AI score0.03155EPSS

Exploits1References3

Cvelist•added 2023/08/05 12:0 a.m.•13 views

CVE-2023-36095

9.9AI score0.03155EPSS

Exploits1References3

Veracode•added 2023/07/11 1:25 a.m.•24 views

Remote Code Execution (RCE)

langchain is vulnerable to Remote Code Execution RCE. Lack of proper checking of supplied user input allows an attacker to execute arbitrary code on the system via the PALChain in the python exec method...

9.8CVSS8.2AI score0.00741EPSS

Exploits1References4Affected Software1

OSV•added 2023/07/06 3:30 p.m.•0 views

GHSA-57FC-8Q82-GFP3 langchain vulnerable to arbitrary code execution

An issue in langchain allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method...

9.8CVSS7.6AI score0.11195EPSS

Exploits2References7

Github Security Blog•added 2023/07/06 3:30 p.m.•25 views

langchain vulnerable to arbitrary code execution

An issue in langchain allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method...

9.8CVSS7.8AI score0.11195EPSS

Exploits2References7Affected Software1