Langroid, Remote Code Execution, CVE-2025-46724 (Critical)

Listen to this Post

The vulnerability CVE-2025-46724 in Langroid is a bypass of a previous fix for code injection in the `pandas_eval` tool. A Web Application Firewall (WAF) in `pandas_utils.py` was designed to block unsafe expressions by checking if user input is a simple, literal value via the `_literal_ok()` function. However, this function fails securely by returning `False` for invalid input instead of raising an UnsafeCommandError. This flaw, combined with the ability to access dangerous Python dunder attributes like __init__, __globals__, and `__builtins__` through a Pandas DataFrame object, allows an attacker to construct a malicious chain of whitelisted DataFrame methods. This chain can leak the built-in `eval` function and ultimately pass a crafted payload to it, leading to arbitrary code execution.
Platform: Langroid
Version: <= 0.59.31
Vulnerability: RCE via eval
Severity: Critical
date: 2025

Prediction: 2025-08-15

What Undercode Say:

Example commands to check version and environment
pip show langroid
python -c "import langroid; print(langroid.<strong>version</strong>)"
Code snippet highlighting the vulnerable pattern
In langroid/utils/pandas_utils.py
def _literal_ok(node):
... checks ...
return False Should raise UnsafeCommandError

How Exploit:

df.add_prefix("<strong>import</strong>('os').system('id')").T.groupby(by=df.<strong>init</strong>.<strong>globals</strong>['<strong>builtins</strong>']['eval'])

Protection from this CVE

Update Langroid immediately.

Implement input sanitization.

Restrict dangerous attributes.

Impact:

Remote Code Execution.

Full system compromise.

Arbitrary command execution.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top