Product
A code injection vulnerability (CVE-2026-4998) exists in Sinaptik AI PandasAI versions up to 3.0.0, enabling remote attackers to execute arbitrary code via the CodeExecutor.execute function within the Chat Message Handler component.