0Gur1O

#26158 of 53,624
9.8 Total CVSS
Vulnerabilities · 1
PT-2024-30179
9.8
2024-10-31
Langflow · Langflow · CVE-2024-42835
**Name of the Vulnerable Software and Affected Versions**

Langflow version 1.0.12

**Description**

The PythonCodeTool component contains a remote code execution (RCE) vulnerability. The component uses `exec()`, which allows arbitrary code to be executed on the target system. The issue can be exploited by importing a malicious JSON file.

**Recommendations**

For Langflow version 1.0.12, as a temporary workaround, consider disabling the PythonCodeTool component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.