CRITICAL🇵🇱 Wersja polska

CVE-2024-27444

CVSS 9.8v3.1pub. 2024-02-26upd. 2025-07-14

langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-44467 fix and execute arbitrary code via the __import__, __subclasses__, __builtins__, __globals__, __getattribute__, __bases__, __mro__, or __base__ attribute in Python code. These are not prohibited by pal_chain/base.py.

🤖 AI Analysis
How it works

The pal_chain/base.py module does not block the use of dangerous Python attributes such as __import__, __subclasses__, __builtins__, __globals__, __getattribute__, __bases__, __mro__, and __base__. An attacker can pass crafted Python code containing references to these attributes, allowing escape from the intended code execution environment and execution of arbitrary system commands. The filtering mechanism introduced as a fix for CVE-2023-44467 proved incomplete and can be bypassed using the mentioned attributes.

Impact

An attacker can execute arbitrary code on the victim's server without any authentication, leading to complete system takeover, data disclosure, and violation of service integrity and availability.

Mitigation & patch

Update LangChain to version 0.1.8 or newer, which includes a patch available in commit de9a6cdf163ed00adaf2e559203ed0a9ca2f1de7 in the langchain-ai/langchain GitHub repository.

Who is affected

langchain_experimental (LangChain Experimental) in the LangChain package in versions before 0.1.8

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Langchain Experimental

    APP
    Langchain
    < 0.1.8
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2024-46946CRITICAL9.8PL ✓ten sam produkt

RCE w LangChain Experimental przez sympy.sympify w LLMSymbolicMathChain

CVE-2024-21513HIGH8.5ten sam produkt

Versions of the package langchain-experimental from 0.0.15 and before 0.0.21 are vulnerable to Arbitrary Code ...

CVE-2024-38459HIGH7.8ten sam produkt

langchain_experimental (aka LangChain Experimental) before 0.0.61 for LangChain provides Python REPL access wi...

CVE-2025-68664CRITICAL9.3PL ✓ten sam vendor

Podatność deserialization injection w funkcjach dumps/dumpd LangChain Core

CVE-2025-2828CRITICAL10.0PL ✓ten sam vendor

SSRF w LangChain RequestsToolkit — dostęp do sieci wewnętrznej i metadanych chmury