High severity · OSV Advisory · Published Nov 21, 2025 · Updated Apr 15, 2026
CVE-2025-65106
Description
LangChain is a framework for building agents and LLM-powered applications. In versions 0.3.79 and prior, and in versions 1.0.0 through 1.0.6, a template injection vulnerability exists in LangChain's prompt template system that allows attackers to access Python object internals through template syntax. The vulnerability affects applications that accept untrusted template strings (not just template variables) in ChatPromptTemplate and related prompt template classes. The issue has been patched in versions 0.3.80 and 1.0.7.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| langchain-core (PyPI) | >= 1.0.0, < 1.0.7 | 1.0.7 |
| langchain-core (PyPI) | < 0.3.80 | 0.3.80 |
Affected products
- Range: langchain-ai21==0.1.4, langchain-ai21==0.1.5, langchain-ai21==0.1.6, …
- osv-coords (5 versions): pkg:apk/chainguard/open-webui, pkg:apk/chainguard/open-webui-compat, pkg:apk/wolfi/open-webui, pkg:apk/wolfi/open-webui-compat, pkg:pypi/langchain-core
  - (no CPE) range: < 0.6.37-r0
  - (no CPE) range: < 0.6.37-r0
  - (no CPE) range: < 0.6.37-r0
  - (no CPE) range: < 0.6.37-r0
  - (no CPE) range: >= 1.0.0, < 1.0.7
References
- github.com/advisories/GHSA-6qv9-48xg-fc7f (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2025-65106 (ghsa, ADVISORY)
- github.com/langchain-ai/langchain/commit/c4b6ba254e1a49ed91f2e268e6484011c540542a (nvd, WEB)
- github.com/langchain-ai/langchain/commit/fa7789d6c21222b85211755d822ef698d3b34e00 (nvd, WEB)
- github.com/langchain-ai/langchain/security/advisories/GHSA-6qv9-48xg-fc7f (nvd, WEB)