Cyber Resilience

CVE-2023-36188

CriticalPublic PoC

Published: 06 July 2023

Published
06 July 2023
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.1119 93.7th percentile
Risk Priority 26 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-36188 is a critical-severity Injection (CWE-74) vulnerability in Langchain Langchain. Its CVSS base score is 9.8 (Critical).

Operationally, ranked in the top 6.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as NLP and Transformers.

Deeper analysis

CVE-2023-36188 is a remote code execution vulnerability in LangChain version 0.0.64 that stems from unsafe handling of the PALChain parameter, which is passed directly to Python's exec method. The flaw is tracked under CWE-74 and carries a CVSS 3.1 score of 9.8, reflecting network attackability without authentication or user interaction.

A remote attacker can supply a malicious PALChain value to trigger arbitrary code execution on the affected system, resulting in full confidentiality, integrity, and availability impact. The current and peak EPSS scores both stand at 0.1119 with no material increase after disclosure.

Public references point to a GitHub issue and an associated pull request that address the problem in the LangChain repository.

EU & UK References

Vulnerability details

An issue in langchain v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method.

CWE(s)

AI Security AnalysisAI

AI Category
NLP and Transformers
Risk Domain
N/A
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: langchain

Related Threats

Affected Assets

langchain
langchain
0.0.64

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-74

Developer assessments and testing (including injection-focused techniques) identify improper neutralization of special elements, and the verifiable flaw remediation corrects them pre-deployment.

addresses: CWE-74

Identifies indicators of injection attacks (command, SQL, LDAP, etc.) via anomaly and attack monitoring.

References