{"id":"CVE-2024-5998","details":"A vulnerability in the FAISS.deserialize_from_bytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. At the time of the report, the issue affected the latest version of the product; the fixed events under affected in this record identify the patched commits.","aliases":["GHSA-f2jm-rw3h-6phg"],"modified":"2026-03-13T14:59:48.153384Z","published":"2024-09-17T12:15:02.977Z","references":[{"type":"FIX","url":"https://github.com/langchain-ai/langchain/commit/604dfe2d99246b0c09f047c604f0c63eafba31e7"},{"type":"EVIDENCE","url":"https://huntr.com/bounties/fa3a2753-57c3-4e08-a176-d7a3ffda28fe"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/hwchase17/langchain","events":[{"introduced":"0"},{"fixed":"24e9b48d157c43c1faf2820c6b302c1311a3cadf"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"0.2.9"}]}},{"type":"GIT","repo":"https://github.com/langchain-ai/langchain","events":[{"introduced":"0"},{"fixed":"604dfe2d99246b0c09f047c604f0c63eafba31e7"}]}],"versions":["langchain-ai21==0.1.4","langchain-ai21==0.1.5","langchain-ai21==0.1.6","langchain-ai21==0.1.7","langchain-airbyte==0.1.1","langchain-anthropic==0.1.12","langchain-anthropic==0.1.13","langchain-anthropic==0.1.14rc1","langchain-anthropic==0.1.14rc2","langchain-anthropic==0.1.15","langchain-anthropic==0.1.16","langchain-anthropic==0.1.17","langchain-anthropic==0.1.18","langchain-anthropic==0.1.19","langchain-anthropic==0.1.20","langchain-azure-dynamic-sessions==0.1.0","langchain-azure-dynamic-sessions==0.1.0rc0","langchain-chroma==0.1.1","langchain-chroma==0.1.2","langchain-cli==0.0.22","langchain-cli==0.0.23","langchain-cli==0.0.24","langchain-cli==0.0.25","langchain-community==0.0.35","langchain-community==0.0.36","langchain-community==0.0.37","langchain-community==0.2.0","langchain-community==0.2.0rc1","langchain-community==0.2.1","langchain-community==0.2.2","langchain-community==0.2.3","langchain-community==0.2.4","langchain-community==0.
2.5","langchain-community==0.2.6","langchain-community==0.2.7","langchain-core==0.1.47","langchain-core==0.1.48","langchain-core==0.1.50","langchain-core==0.1.51","langchain-core==0.1.52","langchain-core==0.2.0","langchain-core==0.2.0rc1","langchain-core==0.2.1","langchain-core==0.2.10","langchain-core==0.2.11","langchain-core==0.2.12","langchain-core==0.2.13","langchain-core==0.2.15","langchain-core==0.2.16","langchain-core==0.2.17","langchain-core==0.2.18","langchain-core==0.2.19","langchain-core==0.2.2","langchain-core==0.2.20","langchain-core==0.2.21","langchain-core==0.2.22","langchain-core==0.2.2rc1","langchain-core==0.2.3","langchain-core==0.2.4","langchain-core==0.2.5","langchain-core==0.2.6","langchain-core==0.2.7","langchain-core==0.2.8","langchain-core==0.2.9","langchain-couchbase==0.0.1","langchain-couchbase==0.1.0","langchain-exa==0.1.0","langchain-experimental==0.0.58","langchain-experimental==0.0.59","langchain-experimental==0.0.60","langchain-experimental==0.0.61","langchain-experimental==0.0.62","langchain-fireworks==0.1.3","langchain-fireworks==0.1.4","langchain-fireworks==0.1.5","langchain-groq==0.1.4","langchain-groq==0.1.5","langchain-groq==0.1.6","langchain-huggingface==0.0.1","langchain-huggingface==0.0.2","langchain-huggingface==0.0.3","langchain-ibm==0.1.5","langchain-ibm==0.1.6","langchain-ibm==0.1.7","langchain-ibm==0.1.8","langchain-ibm==0.1.9","langchain-milvus==0.1.0","langchain-milvus==0.1.1","langchain-milvus==0.1.2","langchain-mistralai==0.1.10","langchain-mistralai==0.1.6","langchain-mistralai==0.1.7","langchain-mistralai==0.1.8","langchain-mistralai==0.1.9","langchain-mongodb==0.1.4","langchain-mongodb==0.1.5","langchain-mongodb==0.1.6","langchain-mongodb==0.1.7","langchain-nomic==0.1.0","langchain-nomic==0.1.1","langchain-nomic==0.1.2","langchain-openai==0.1.10","langchain-openai==0.1.11","langchain-openai==0.1.12","langchain-openai==0.1.13","langchain-openai==0.1.14","langchain-openai==0.1.15","langchain-openai==0.1.16","langchai
n-openai==0.1.17","langchain-openai==0.1.5","langchain-openai==0.1.6","langchain-openai==0.1.7","langchain-openai==0.1.8","langchain-openai==0.1.8rc1","langchain-openai==0.1.9","langchain-pinecone==0.1.1","langchain-pinecone==0.1.2","langchain-prompty==0.0.1","langchain-prompty==0.0.2","langchain-qdrant==0.0.1","langchain-qdrant==0.1.0","langchain-qdrant==0.1.1","langchain-qdrant==0.1.2","langchain-robocorp==0.0.6","langchain-robocorp==0.0.7","langchain-robocorp==0.0.8","langchain-robocorp==0.0.9","langchain-robocorp==0.0.9.post1","langchain-text-splitters==0.0.2","langchain-text-splitters==0.2.0","langchain-text-splitters==0.2.1","langchain-text-splitters==0.2.2","langchain-together==0.1.1","langchain-together==0.1.2","langchain-together==0.1.3","langchain-together==0.1.4","langchain-upstage==0.1.4","langchain-upstage==0.1.5","langchain-voyageai==0.1.1","langchain==0.1.17","langchain==0.2.0","langchain==0.2.0rc2","langchain==0.2.1","langchain==0.2.2","langchain==0.2.3","langchain==0.2.4","langchain==0.2.5","langchain==0.2.6","langchain==0.2.7","langchain==0.2.8","langchain==0.2.9","v0.0.1","v0.0.100","v0.0.101","v0.0.102","v0.0.103","v0.0.104","v0.0.105","v0.0.106","v0.0.107","v0.0.108","v0.0.109","v0.0.110","v0.0.111","v0.0.112","v0.0.113","v0.0.114","v0.0.115","v0.0.116","v0.0.117","v0.0.118","v0.0.119","v0.0.120","v0.0.121","v0.0.122","v0.0.123","v0.0.124","v0.0.125","v0.0.126","v0.0.127","v0.0.128","v0.0.129","v0.0.130","v0.0.131","v0.0.132","v0.0.133","v0.0.134","v0.0.135","v0.0.136","v0.0.137","v0.0.138","v0.0.139","v0.0.140","v0.0.141","v0.0.142","v0.0.143","v0.0.144","v0.0.145","v0.0.146","v0.0.147","v0.0.148","v0.0.149","v0.0.150","v0.0.151","v0.0.152","v0.0.153","v0.0.154","v0.0.155","v0.0.156","v0.0.157","v0.0.158","v0.0.159","v0.0.160","v0.0.161","v0.0.162","v0.0.163","v0.0.164","v0.0.165","v0.0.166","v0.0.167","v0.0.168","v0.0.169","v0.0.170","v0.0.171","v0.0.172","v0.0.173","v0.0.174","v0.0.175","v0.0.176","v0.0.177","v0.0.178","v0.0.179","v0.0.180","
v0.0.181","v0.0.182","v0.0.183","v0.0.184","v0.0.185","v0.0.186","v0.0.187","v0.0.188","v0.0.189","v0.0.190","v0.0.191","v0.0.192","v0.0.193","v0.0.194","v0.0.195","v0.0.196","v0.0.197","v0.0.198","v0.0.199","v0.0.1rc0","v0.0.1rc1","v0.0.1rc2","v0.0.1rc3","v0.0.1rc4","v0.0.2","v0.0.200","v0.0.201","v0.0.202","v0.0.203","v0.0.204","v0.0.205","v0.0.206","v0.0.207","v0.0.208","v0.0.209","v0.0.210","v0.0.211","v0.0.212","v0.0.213","v0.0.214","v0.0.215","v0.0.216","v0.0.217","v0.0.218","v0.0.219","v0.0.220","v0.0.221","v0.0.222","v0.0.223","v0.0.224","v0.0.225","v0.0.226","v0.0.227","v0.0.228","v0.0.229","v0.0.230","v0.0.231","v0.0.232","v0.0.233","v0.0.234","v0.0.235","v0.0.236","v0.0.237","v0.0.238","v0.0.239","v0.0.240","v0.0.240rc0","v0.0.240rc1","v0.0.240rc4","v0.0.242","v0.0.243","v0.0.244","v0.0.245","v0.0.247","v0.0.248","v0.0.249","v0.0.250","v0.0.251","v0.0.252","v0.0.253","v0.0.254","v0.0.255","v0.0.256","v0.0.257","v0.0.258","v0.0.259","v0.0.260","v0.0.261","v0.0.262","v0.0.263","v0.0.264","v0.0.265","v0.0.266","v0.0.267","v0.0.268","v0.0.269","v0.0.270","v0.0.271","v0.0.272","v0.0.273","v0.0.274","v0.0.275","v0.0.276","v0.0.277","v0.0.278","v0.0.279","v0.0.281","v0.0.283","v0.0.284","v0.0.285","v0.0.286","v0.0.287","v0.0.288","v0.0.289","v0.0.290","v0.0.291","v0.0.292","v0.0.293","v0.0.294","v0.0.295","v0.0.296","v0.0.297","v0.0.298","v0.0.299","v0.0.300","v0.0.301","v0.0.302","v0.0.303","v0.0.304","v0.0.305","v0.0.306","v0.0.307","v0.0.308","v0.0.309","v0.0.310","v0.0.311","v0.0.312","v0.0.313","v0.0.314","v0.0.315","v0.0.316","v0.0.317","v0.0.318","v0.0.319","v0.0.320","v0.0.321","v0.0.322","v0.0.323","v0.0.324","v0.0.325","v0.0.326","v0.0.327","v0.0.329","v0.0.330","v0.0.331","v0.0.331rc0","v0.0.331rc1","v0.0.331rc2","v0.0.331rc3","v0.0.332","v0.0.333","v0.0.334","v0.0.335","v0.0.336","v0.0.337","v0.0.338","v0.0.339","v0.0.339rc0","v0.0.339rc1","v0.0.339rc2","v0.0.339rc3","v0.0.340","v0.0.341","v0.0.342","v0.0.343","v0.0.344","v0.0.345","v0.0.346","v0.0.3
47","v0.0.348","v0.0.349","v0.0.349-rc.1","v0.0.349-rc.2","v0.0.350","v0.0.351","v0.0.352","v0.0.353","v0.0.354","v0.0.4","v0.0.5","v0.0.64","v0.0.65","v0.0.66","v0.0.67","v0.0.68","v0.0.69","v0.0.70","v0.0.71","v0.0.72","v0.0.73","v0.0.74","v0.0.75","v0.0.76","v0.0.77","v0.0.78","v0.0.79","v0.0.80","v0.0.81","v0.0.82","v0.0.83","v0.0.84","v0.0.85","v0.0.86","v0.0.87","v0.0.88","v0.0.89","v0.0.90","v0.0.91","v0.0.92","v0.0.93","v0.0.94","v0.0.95","v0.0.96","v0.0.97","v0.0.98","v0.0.99","v0.1.0","v0.1.1","v0.1.10","v0.1.11","v0.1.12","v0.1.13","v0.1.14","v0.1.15","v0.1.16","v0.1.2","v0.1.3","v0.1.4","v0.1.5","v0.1.6","v0.1.7","v0.1.8","v0.1.9"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-5998.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}