{"vulnerability": "cve-2024-5998", "sightings": [{"uuid": "ce40a0c4-25ad-4827-9f9f-cf1d7b33708c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5998", "type": "seen", "source": "https://t.me/cvedetector/5806", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5998 - Langchain FAISS Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-5998 \nPublished : Sept. 17, 2024, 12:15 p.m. | 29\u00a0minutes ago \nDescription : A vulnerability in the FAISS.deserialize_from_bytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. The issue affects the latest version of the product. \nSeverity: 5.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-17T14:46:22.000000Z"}]}