{"id":"CVE-2023-34541","details":"Langchain 0.0.171 is vulnerable to Arbitrary code execution in load_prompt.","aliases":["GHSA-6643-h7h5-x9wh","PYSEC-2023-92"],"modified":"2026-04-10T04:58:32.438536Z","published":"2023-06-20T15:15:11.727Z","references":[{"type":"REPORT","url":"https://github.com/hwchase17/langchain/issues/4849"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/hwchase17/langchain","events":[{"introduced":"0"},{"last_affected":"7ce43372c3017f78e6b759b6f9b3fe55b1ad2eba"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.0.171"}]}}],"versions":["v0.0.100","v0.0.101","v0.0.102","v0.0.103","v0.0.104","v0.0.105","v0.0.106","v0.0.107","v0.0.108","v0.0.109","v0.0.110","v0.0.111","v0.0.112","v0.0.113","v0.0.114","v0.0.115","v0.0.116","v0.0.117","v0.0.118","v0.0.119","v0.0.120","v0.0.121","v0.0.122","v0.0.123","v0.0.124","v0.0.125","v0.0.126","v0.0.127","v0.0.128","v0.0.129","v0.0.130","v0.0.131","v0.0.132","v0.0.133","v0.0.134","v0.0.135","v0.0.136","v0.0.137","v0.0.138","v0.0.139","v0.0.140","v0.0.141","v0.0.142","v0.0.143","v0.0.144","v0.0.145","v0.0.146","v0.0.147","v0.0.149","v0.0.150","v0.0.151","v0.0.152","v0.0.153","v0.0.154","v0.0.155","v0.0.156","v0.0.157","v0.0.158","v0.0.159","v0.0.160","v0.0.161","v0.0.162","v0.0.163","v0.0.164","v0.0.165","v0.0.166","v0.0.167","v0.0.168","v0.0.169","v0.0.170","v0.0.171","v0.0.64","v0.0.65","v0.0.66","v0.0.67","v0.0.68","v0.0.69","v0.0.70","v0.0.71","v0.0.72","v0.0.73","v0.0.74","v0.0.75","v0.0.76","v0.0.77","v0.0.78","v0.0.79","v0.0.80","v0.0.81","v0.0.82","v0.0.83","v0.0.84","v0.0.85","v0.0.86","v0.0.87","v0.0.88","v0.0.89","v0.0.90","v0.0.91","v0.0.92","v0.0.93","v0.0.94","v0.0.95","v0.0.96","v0.0.97","v0.0.98","v0.0.99"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-34541.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}