CVE-2023-38860

9.8 CRITICAL

📋 TL;DR

This vulnerability in LangChain allows remote attackers to execute arbitrary code by manipulating the prompt parameter. It affects all systems running vulnerable versions of LangChain, particularly those exposing the framework to untrusted inputs. The high CVSS score indicates critical severity.

💻 Affected Systems

Products:
  • LangChain
Versions: v0.0.231 and potentially earlier versions
Operating Systems: All platforms running Python
Default Config Vulnerable: ⚠️ Yes
Notes: Any LangChain deployment using the vulnerable prompt parameter handling is affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with attacker gaining complete control over the server, allowing data theft, lateral movement, and persistent backdoor installation.

🟠 Likely Case

Remote code execution leading to data exfiltration, cryptocurrency mining, or participation in botnets.

🟢 If Mitigated

Limited impact with proper input validation and sandboxing, potentially only denial of service.

🌐 Internet-Facing: HIGH - Remote exploitation without authentication makes internet-facing instances extremely vulnerable.
🏢 Internal Only: HIGH - Even internal systems are vulnerable if attackers gain network access or through insider threats.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The GitHub issue contains technical details that could be weaponized. Remote exploitation without authentication makes this particularly dangerous.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v0.0.232 or later

Vendor Advisory: https://github.com/hwchase17/langchain/issues/7641

Restart Required: Yes

Instructions:

1. Update LangChain using pip: pip install --upgrade langchain
2. Verify version is 0.0.232 or higher
3. Restart all LangChain-dependent applications

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Implement strict input validation on all prompt parameters to prevent code injection

Network Segmentation

all

Isolate LangChain instances from sensitive networks and restrict external access

🧯 If You Can't Patch

  • Implement strict network access controls to limit who can reach LangChain endpoints
  • Deploy web application firewall (WAF) rules to detect and block suspicious prompt patterns

🔍 How to Verify

Check if Vulnerable:

Check the LangChain version: python -c "import langchain; print(langchain.__version__)". If the version is 0.0.231 or earlier, the system is vulnerable.

Check Version:

python -c "import langchain; print(langchain.__version__)"

Verify Fix Applied:

After updating, verify that the version is 0.0.232 or higher using the same command.
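
The version check above can be automated across environments and dependency files. The following is an added example, not code from LangChain or from the advisory; the function names and the sample requirements lines are constructed for illustration, and the 0.0.232 threshold is the patch version stated on this page.

```python
import re
from importlib import metadata

FIXED = (0, 0, 232)  # first fixed release according to this page

# Exact pins of the "langchain" distribution only (extras allowed); sibling
# packages such as langchain-community do not match.
PIN = re.compile(r"^\s*langchain(?:\[[^\]]*\])?\s*==\s*([^\s;#]+)", re.IGNORECASE)

def parse_version(text):
    """'0.0.231' -> (0, 0, 231). Any pre/post-release suffix is ignored."""
    m = re.match(r"\s*v?(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * (3 - len(parts))

def is_vulnerable(version):
    # Numeric tuple comparison: as strings, "0.0.99" would sort after "0.0.232".
    return parse_version(version) < FIXED

def audit_requirements(lines):
    """Return (line_no, pinned_version, vulnerable) for each langchain pin."""
    findings = []
    for no, line in enumerate(lines, 1):
        m = PIN.match(line)
        if m:
            findings.append((no, m.group(1), is_vulnerable(m.group(1))))
    return findings

def installed_status():
    """Return (version, vulnerable) for the current environment, or None."""
    try:
        version = metadata.version("langchain")
    except metadata.PackageNotFoundError:
        return None
    return version, is_vulnerable(version)

# Constructed sample in requirements.txt / `pip freeze` format.
SAMPLE = [
    "requests==2.31.0",
    "langchain==0.0.231",
    "langchain-community==0.0.10",
    "langchain[llms]==0.0.99",
    "LangChain == 0.0.232",
]

if __name__ == "__main__":
    print("installed:", installed_status())
    for no, ver, vuln in audit_requirements(SAMPLE):
        print(f"line {no}: langchain {ver} -> {'VULNERABLE' if vuln else 'ok'}")
```

Only exact `==` pins are evaluated; range specifiers such as `>=` need to be resolved against the installed environment with `installed_status()`.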

📡 Detection & Monitoring

Log Indicators:

  • Unusual prompt patterns containing code-like syntax
  • Unexpected process spawns from LangChain processes
  • Error logs showing code execution failures

Network Indicators:

  • Unusual outbound connections from LangChain servers
  • Traffic to known malicious domains from LangChain instances

SIEM Query:

source="langchain" AND (event="code_execution" OR event="unexpected_process" OR message="*injection*")
