CVE-2025-46725: 
Python vulnerability analysis and mitigation

Langroid, a Python framework for building large language model (LLM)-powered applications, was found to contain a critical vulnerability (CVE-2025-46725) discovered on May 20, 2025. The vulnerability affects versions prior to 0.53.15, specifically in the LanceDocChatAgent component which uses pandas eval() through computefromdocs() function. This security flaw is classified as CWE-94 (Improper Control of Generation of Code - 'Code Injection') with a CVSS v4.0 Base Score of 8.1 (HIGH) (GitHub Advisory, NVD).

The vulnerability stems from the use of pandas eval() in the computefromdocs() function within the vectorstore/base.py module. The security flaw allows arbitrary code execution through the QueryPlan.dataframe_calc parameter. The vulnerability is rated with a CVSS v4.0 Base Score of 8.1 (HIGH) with the vector string CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U, indicating high severity across confidentiality, integrity, and availability impacts (NVD, Wiz).

When exploited, this vulnerability could allow an attacker to execute malicious commands through the QueryPlan.dataframe_calc parameter, potentially leading to system compromise. The high severity score indicates that successful exploitation could result in significant impact to the confidentiality, integrity, and availability of the affected system (GitHub Advisory, Wiz).

The vulnerability has been patched in Langroid version 0.53.15. The fix includes input sanitization by default to prevent common attack vectors and adds warnings about risky behavior in the project documentation. The patch implements a CommandValidator class that enforces security policies and validates input expressions before execution. Users are strongly advised to upgrade to version 0.53.15 or later (GitHub Commit, GitHub Advisory).