langchain is vulnerable to Arbitrary Code Execution.The vulnerability exists in the _process_llm_result
function due to the insecure usage of the Python exec
method, which allows an attacker to carry out prompt injection attacks resulting in arbitrary code execution.