Impact of remote-code execution vulnerability in LangChain

from blog ntietz.com blog - technically a blog, | ↗ original
↗ original
One of my private repos depends on LangChain, so I got a lovely email from GitHub this morning: Ooh, a high severity remote-code execution vulnerability in LangChain? On the one hand, I'm not entirely shocked that a framework that includes the ability to run LLM-generated code might run untrusted code. On the other hand, it is high severity, so...