CRITICAL🇵🇱 Wersja polska

CVE-2024-46946

CVSS 9.8v3.1pub. 2024-09-19upd. 2025-07-16

langchain_experimental (aka LangChain Experimental) 0.1.17 through 0.3.0 for LangChain allows attackers to execute arbitrary code through sympy.sympify (which uses eval) in LLMSymbolicMathChain. LLMSymbolicMathChain was introduced in fcccde406dd9e9b05fc9babcbeb9ff527b0ec0c6 (2023-10-05).

🤖 AI Analysis
How it works

The LLMSymbolicMathChain component, introduced in October 2023, passes input data to the sympy.sympify() function, which internally uses Python's built-in eval() function. The eval() function executes the passed string as Python code without proper validation or sandboxing. An attacker can thus provide a malicious payload that will be directly executed in the context of the application.

Impact

An attacker can execute arbitrary code on the server (RCE), which in practice means complete system takeover, disclosure of sensitive data, modification or destruction of data, and the possibility of further lateral movement within the network.

Mitigation & patch

The langchain_experimental package should be updated to a version higher than 0.3.0, according to information in the official LangChain release notes available at the address indicated in the manufacturer's references. Until an update is applied, consider disabling or restricting access to the LLMSymbolicMathChain functionality.

Who is affected

langchain_experimental (LangChain Experimental) in versions 0.1.17 to 0.3.0 inclusive, used as a component of the LangChain ecosystem.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Langchain Experimental

    APP
    Langchain
    0.1.17 – 0.3.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2024-27444CRITICAL9.8PL ✓ten sam produkt

RCE w LangChain Experimental — obejście poprawki CVE-2023-44467

CVE-2024-21513HIGH8.5ten sam produkt

Versions of the package langchain-experimental from 0.0.15 and before 0.0.21 are vulnerable to Arbitrary Code ...

CVE-2024-38459HIGH7.8ten sam produkt

langchain_experimental (aka LangChain Experimental) before 0.0.61 for LangChain provides Python REPL access wi...

CVE-2025-68664CRITICAL9.3PL ✓ten sam vendor

Podatność deserialization injection w funkcjach dumps/dumpd LangChain Core

CVE-2025-2828CRITICAL10.0PL ✓ten sam vendor

SSRF w LangChain RequestsToolkit — dostęp do sieci wewnętrznej i metadanych chmury