Researchers found a critical code execution flaw, dubbed Llama Drama, in the popular llama_cpp_python Python package used to integrate AI models, exposing systems to arbitrary code execution. The misuse of Jinja2 allowed for remote code execution, emphasizing the need for robust security practices in AI systems. Concurrently, a high-severity vulnerability was found in Mozilla's PDF
js library, allowing arbitrary JavaScript execution when opening infected PDFs in Firefox, ultimately fixed in multiple updates. Security researchers' efforts in detecting and addressing these flaws highlight the continuous importance of cybersecurity vigilance amidst the ever-evolving landscape of software vulnerabilities. ```https://thehackernews.com/2024/05/researchers-uncover-flaws-in-python.html