CVE-2024-5998

A vulnerability in the FAISS.deserialize_from_bytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. The issue affects the latest version of the product.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/langchain-ai/langchain/commit/604dfe2d99246b0c09f047c604f0c63eafba31e7	Patch
https://huntr.com/bounties/fa3a2753-57c3-4e08-a176-d7a3ffda28fe	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:langchain:langchain:*:*:*:*:*:*:*:*

History

30 Jul 2025, 16:22

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~5.2~~	v2 : unknown v3 : 7.8
CPE		cpe:2.3:a:langchain:langchain::::::::
First Time		Langchain Langchain langchain
References	~~() https://github.com/langchain-ai/langchain/commit/604dfe2d99246b0c09f047c604f0c63eafba31e7 -~~	() https://github.com/langchain-ai/langchain/commit/604dfe2d99246b0c09f047c604f0c63eafba31e7 - Patch
References	~~() https://huntr.com/bounties/fa3a2753-57c3-4e08-a176-d7a3ffda28fe -~~	() https://huntr.com/bounties/fa3a2753-57c3-4e08-a176-d7a3ffda28fe - Exploit, Third Party Advisory

Information

Published : 2024-09-17 12:15

Updated : 2025-07-30 16:22

NVD link : CVE-2024-5998

Mitre link : CVE-2024-5998

CVE.ORG link : CVE-2024-5998

JSON object : View

Products Affected

langchain

langchain

CWE

CWE-502

Deserialization of Untrusted Data

{"id": "CVE-2024-5998", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "security@huntr.dev", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.2, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.7, "exploitabilityScore": 0.5}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2024-09-17T12:15:02.977", "references": [{"url": "https://github.com/langchain-ai/langchain/commit/604dfe2d99246b0c09f047c604f0c63eafba31e7", "tags": ["Patch"], "source": "security@huntr.dev"}, {"url": "https://huntr.com/bounties/fa3a2753-57c3-4e08-a176-d7a3ffda28fe", "tags": ["Exploit", "Third Party Advisory"], "source": "security@huntr.dev"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@huntr.dev", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the FAISS.deserialize_from_bytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. The issue affects the latest version of the product."}, {"lang": "es", "value": "Una vulnerabilidad en la funci\u00f3n FAISS.deserialize_from_bytes de langchain-ai/langchain permite la deserializaci\u00f3n de datos no confiables mediante pickle. Esto puede provocar la ejecuci\u00f3n de comandos arbitrarios a trav\u00e9s de la funci\u00f3n os.system. El problema afecta a la \u00faltima versi\u00f3n del producto."}], "lastModified": "2025-07-30T16:22:43.363", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:langchain:langchain:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8A44661-51CE-4876-8F4A-06A317332780", "versionEndExcluding": "0.2.9"}], "operator": "OR"}]}], "sourceIdentifier": "security@huntr.dev"}