The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument.
https://github.com/embedchain/embedchain/pull/1122
https://github.com/embedchain/embedchain/compare/0.1.56...0.1.57