An issue in LangChain prior to 0.0.236 allows an malicious user to execute arbitrary code because Python code with os.system, exec, or eval can be used.
langchain langchain 0.0.199