CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

OSV•added 2026/06/03 6:32 p.m.•3 views

ROOT-APP-PYPI-CVE-2023-39631 CVE-2023-39631 in rootio-numexpr - Patched by Root

Root has patched CVE-2023-39631 in the rootio-numexpr package for Root:PyPI. Multiple fixed versions available...

9.8CVSS7.3AI score0.01322EPSS

Exploits1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-0117

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.01322EPSS

Exploits1References11

RedhatCVE•added 2025/05/23 4:11 a.m.•9 views

CVE-2023-39631

An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library...

9.8CVSS7.7AI score0.01322EPSS

Exploits1

BDU FSTEC•added 2025/02/12 12:0 a.m.•6 views

The vulnerability of the numexpr library in the framework for creating applications based on the combination of model languages like LangChain allows attackers to execute arbitrary code.

The vulnerability of the numexpr library used by the LangChain model-based application framework is related to improper code generation control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.1AI score0.01322EPSS

Exploits1References3Affected Software2

Redos•added 2025/02/03 12:0 a.m.•13 views

ROS-20250203-08

Vulnerability in numexpr library of framework for creating applications based on combining languages and models LangChain is related to incorrect code generation control. LangChain models is related to improper code generation control. Exploitation of the vulnerability could allow an attacker...

9.8CVSS7.8AI score0.01322EPSS

Exploits1

Veracode•added 2023/09/05 4:1 p.m.•26 views

Arbitrary Code Execution

langchain is vulnerable to Arbitrary Code Execution. The vulnerability exists in evaluate function of numexpr library which allows an attacker to inject and execute arbitrary commands...

9.8CVSS7.4AI score0.01322EPSS

Exploits1References5Affected Software1

OSV•added 2023/09/01 6:30 p.m.•1 views

GHSA-F73W-4M7G-CH9X Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr library

An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library. Patches: Released in v.0.0.308. numexpr dependency is optional for langchain...

9.8CVSS7.6AI score0.01322EPSS

Exploits1References9

Github Security Blog•added 2023/09/01 6:30 p.m.•101 views

Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr library

9.8CVSS9.4AI score0.01322EPSS

Exploits1References9Affected Software2

OSV•added 2023/09/01 4:15 p.m.•32 views

CVE-2023-39631

An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library...

9.8CVSS8.1AI score

Exploits0References2

ATTACKERKB•added 2023/09/01 4:15 p.m.•2 views

CVE-2023-39631

An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library...

9.8CVSS6.2AI score0.01322EPSS

Exploits1References3

NVD•added 2023/09/01 4:15 p.m.•25 views

CVE-2023-39631

An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library...

9.8CVSS9.7AI score0.01322EPSS

Exploits1References2

PyPA•added 2023/09/01 4:15 p.m.•6 views

PYSEC-2023-163

An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library...

9.8CVSS8.1AI score0.01322EPSS

Exploits1References7Affected Software1

PyPA•added 2023/09/01 4:15 p.m.•6 views

PYSEC-2023-162

An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library...

9.8CVSS8.1AI score0.01322EPSS

Exploits1References6Affected Software1

Prion•added 2023/09/01 4:15 p.m.•33 views

Code injection

An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library...

7.5CVSS9.7AI score0.01322EPSS

Exploits1References2Affected Software1

OSV•added 2023/09/01 4:15 p.m.•32 views

PYSEC-2023-162

An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library...

9.8CVSS9.4AI score0.01322EPSS

Exploits1References3

OSV•added 2023/09/01 4:15 p.m.•2 views

PYSEC-2023-163

An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library...

9.8CVSS6.2AI score0.01322EPSS

Exploits1References7

CVE•added 2023/09/01 12:0 a.m.•133 views

CVE-2023-39631

LangChain (Langchain) v0.0.245 contains a remote code execution vulnerability in the evaluate function via the numexpr library. Root cause: improper neutralization/input handling in the evaluate path, enabling arbitrary code execution. Affected component/function: Langchain’s evaluate using numex...

9.8CVSS9.6AI score0.01322EPSS

Exploits1References2Affected Software1

CNNVD•added 2023/09/01 12:0 a.m.•4 views

LangChain Code Injection Vulnerability

LangChain is used to build applications using LLM through composability. A security vulnerability exists in Langchain version v.0.0.245, which stems from a vulnerability that could allow a remote attacker to execute arbitrary code via an evaluation function in the numexpr library...

9.8CVSS7.8AI score0.01322EPSS

Exploits1References3