Arbitrary Code Execution
Langroid is vulnerable to Arbitrary Code Execution. The vulnerability is due to unsafe code evaluation due to the use of pandas.eval in the LanceDocChatAgent via the computefromdocs function, allowing attackers to execute malicious code through unsanitized input...