CVE-2023-39659
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-39659 is a new vulnerability affecting the langchain langchain-ai software version 0.0.232 and earlier. This issue grants remote attackers the ability to execute arbitrary code by crafting a malicious script that interacts with the PythonAstREPLTool._run component. Successful exploitation could lead to significant security risks, including unauthorized system access and data theft. It is recommended that users of these affected versions upgrade to a patched version as soon as possible to mitigate this vulnerability. Failure to do so could result in serious consequences.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Langchain