9.8

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2023-38896

GHSA ID

GHSA-92j5-3459-qgp4

EPSS Score

0.72897%

CWE

CWE-74

Published

8/15/2023

Updated

9/27/2024

KEV Status

Technology

Python

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2023-38896

CVE-2023-38896: LangChain vulnerable to arbitrary code execution

An issue in Harrison Chase langchain before version 0.0.236 allows a remote attacker to execute arbitrary code via the from_math_prompt and from_colored_object_prompt functions.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2023-38896

CVE-2023-38896:

9.8

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2023-38896

GHSA ID

GHSA-92j5-3459-qgp4

EPSS Score

0.72897%

CWE

CWE-74

Published

8/15/2023

Updated

9/27/2024

KEV Status

Technology

Python

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
langchain	pip	< 0.0.236	0.0.236

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from three key points:

The PALChain.from_*_prompt functions created chains that executed LLM-generated code without proper AST validation (for imports/command execution functions)
The PythonREPL.run method lacked timeouts and process isolation
Together these allowed prompt injection attacks to execute system commands via functions like os.system(). The patch added validation (PALValidation class), timeouts, and process isolation - confirming these were the vulnerable points. CVE description and commit diffs directly implicate these functions.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

9.8

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2023-38896: LangChain vulnerable to arbitrary code execution

CVE-2023-38896:

9.8

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Basic Information

Basic Information

CVE-2023-38896: LangChain vulnerable to arbitrary code execution

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Technical Details

9.8

9.8

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI