An issue in Gaberiele Venturi pandasai v.0.8.0 and before allows a remote attacker to execute arbitrary code via a crafted request to the prompt function.
"https://github.com/pypa/advisory-database/blob/main/vulns/pandasai/PYSEC-2026-1757.yaml"