CVE-2023-36281

Published
View on NVD ↗
CVSS v3
9.8
CRITICAL
CVSS v2
N/A
Affected
1
PROJECT

Description

An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via a JSON file to load_prompt. This is related to __subclasses__ or a template.

langchain-ai/langchain
langchain-ai/langchain
The agent engineering platform.
GitHubGitHub
140K