Medium severityNVD Advisory· Published Jan 6, 2025· Updated Apr 15, 2026

CVE-2025-21604

Description

LangChain4j-AIDeepin is a Retrieval enhancement generation (RAG) project. Prior to 3.5.0, LangChain4j-AIDeepin uses MD5 to hash files, which may cause file upload conflicts. This issue is fixed in 3.5.0.

Patches

088a379e10f1

https://github.com/moyangzhan/langchain4j-aideepinvia osv

3cf625c5044a

https://github.com/moyangzhan/langchain4j-aideepinvia osv

commit

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/moyangzhan/langchain4j-aideepin/commit/3cf625c5044a151a8cbcbdf98e10b4b46b8a975anvd
github.com/moyangzhan/langchain4j-aideepin/security/advisories/GHSA-cv5r-73vf-8x7vnvd

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000