Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

15 matches found

Github Security Blog
Github Security Blogadded 2023/08/05 3:30 a.m.104 views

langchain Code Injection vulnerability

An issue in Harrison Chase langchain allows an attacker to execute arbitrary code via the PALChain,frommathpromptllm.run in the python exec method...

9.8CVSS7.8AI score0.01218EPSS
Exploits1References11Affected Software1
Github Security Blog
Github Security Blogadded 2023/07/06 3:30 p.m.31 views

langchain vulnerable to arbitrary code execution

An issue in langchain allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method...

9.8CVSS7.8AI score0.01566EPSS
Exploits2References7Affected Software1
NVD
NVDadded 2023/07/06 2:15 p.m.10 views

CVE-2023-36188

An issue in langchain v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method...

9.8CVSS9.6AI score0.01566EPSS
Exploits2References2
OSV
OSVadded 2023/07/06 2:15 p.m.15 views

CVE-2023-36188

An issue in langchain v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method...

9.8CVSS8.1AI score
Exploits0References2
PyPA
PyPAadded 2023/07/06 2:15 p.m.5 views

PYSEC-2023-109

An issue in langchain v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method...

9.8CVSS8.1AI score0.01566EPSS
Exploits2References3Affected Software1
Prion
Prionadded 2023/07/06 2:15 p.m.19 views

Security feature bypass

An issue in langchain v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method...

7.5CVSS9.7AI score0.01566EPSS
Exploits2References2Affected Software1
Vulnrichment
Vulnrichmentadded 2023/07/06 12:0 a.m.23 views

CVE-2023-36188

An issue in langchain v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method...

8.1AI score0.01566EPSS
Exploits2References2
Cvelist
Cvelistadded 2023/07/06 12:0 a.m.18 views

CVE-2023-36188

An issue in langchain v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method...

9.9AI score0.01566EPSS
Exploits2References2
CVE
CVEadded 2023/07/06 12:0 a.m.75 views

CVE-2023-36188

CVE-2023-36188 affects LangChain v0.0.64, enabling remote code execution via the PALChain parameter in Python exec. The issue stems from deserialization/execution pathways that process untrusted data and can lead to arbitrary code execution. Affected product: LangChain core library (v0.0.64); imp...

9.8CVSS9.6AI score0.01566EPSS
Exploits2References2Affected Software1
Positive Technologies
Positive Technologiesadded 2023/07/03 12:0 a.m.4 views

PT-2023-25499 · Langchain · Langchain

Name of the Vulnerable Software and Affected Versions: LangChain versions prior to 0.0.236 Description: The issue allows an attacker to execute arbitrary code because Python code with os.system, exec, or eval can be used. This is possible via the PALChain in the python exec method. Recommendation...

9.8CVSS7.8AI score0.00982EPSS
Exploits1References21
Github Security Blog
Github Security Blogadded 2023/04/05 3:30 a.m.59 views

LangChain vulnerable to code injection

In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method...

9.8CVSS9.7AI score0.39653EPSS
Exploits1References7Affected Software1
OSV
OSVadded 2023/04/05 2:15 a.m.19 views

CVE-2023-29374

In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method...

9.8CVSS10AI score
Exploits0References4
NVD
NVDadded 2022/01/10 2:12 p.m.23 views

CVE-2022-22817

PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used...

9.8CVSS0.03399EPSS
Exploits0References6
UbuntuCve
UbuntuCveadded 2022/01/10 2:12 p.m.45 views

CVE-2022-22817

PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used...

9.8CVSS6.6AI score0.03399EPSS
Exploits0References5
OSV
OSVadded 2022/01/10 2:12 p.m.165 views

PYSEC-2022-10

PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method...

9.8CVSS3AI score0.03399EPSS
Exploits0References3
Rows per page
Query Builder