VYPR

PyPI package

langchain

pkg:pypi/langchain

Vulnerabilities (20)

  • CVE-2026-45134higMay 13, 2026
    affected < 0.3.30fixed 0.3.30

    ## Description The LangSmith SDK's prompt pull methods (`pull_prompt` / `pull_prompt_commit` in Python, `pullPrompt` / `pullPromptCommit` in JS/TS) fetch and deserialize prompt manifests from the LangSmith Hub. These manifests may contain serialized LangChain objects and model c

  • CVE-2024-8309Oct 29, 2024
    affected < 0.2.0fixed 0.2.0

    A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial of service (DoS) by deleting all data, breaches in m

  • CVE-2024-2965Jun 6, 2024
    affected < 0.2.5fixed 0.2.5

    A Denial-of-Service (DoS) vulnerability exists in the `SitemapLoader` class of the `langchain-ai/langchain` repository, affecting all versions. The `parse_sitemap` method, responsible for parsing sitemaps and extracting URLs, lacks a mechanism to prevent infinite recursion when a

  • CVE-2024-3571Apr 16, 2024
    affected < 0.0.353fixed 0.0.353

    langchain-ai/langchain is vulnerable to path traversal due to improper limitation of a pathname to a restricted directory ('Path Traversal') in its LocalFileStore functionality. An attacker can leverage this vulnerability to read or write files anywhere on the filesystem, potenti

  • CVE-2024-28088Mar 3, 2024
    affected < 0.0.339fixed 0.0.339

    LangChain through 0.1.10 allows ../ directory traversal by an actor who is able to control the final part of the path parameter in a load_chain call. This bypasses the intended behavior of loading configurations only from the hwchase17/langchain-hub GitHub repository. The outcome

  • CVE-2024-0243Feb 24, 2024
    affected < 0.1.0fixed 0.1.0

    With the following crawler configuration: ```python from bs4 import BeautifulSoup as Soup url = "https://example.com" loader = RecursiveUrlLoader( url=url, max_depth=2, extractor=lambda x: Soup(x, "html.parser").text ) docs = loader.load() ``` An attacker in control of the

  • CVE-2023-32786Oct 20, 2023
    affected < 0.0.329fixed 0.0.329

    In Langchain through 0.0.155, prompt injection allows an attacker to force the service to retrieve data from an arbitrary URL, essentially providing SSRF and potentially injecting content into downstream tasks.

  • CVE-2023-46229Oct 19, 2023
    affected < 0.0.317fixed 0.0.317

    LangChain before 0.0.317 allows SSRF via document_loaders/recursive_url_loader.py because crawling can proceed from an external server to an internal server.

  • CVE-2023-39631Sep 1, 2023
    affected < 0.0.308fixed 0.0.308

    An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library.

  • CVE-2023-36281Aug 22, 2023
    affected < 0.0.312fixed 0.0.312

    An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via a JSON file to load_prompt. This is related to __subclasses__ or a template.

  • CVE-2023-39659Aug 15, 2023
    affected < 0.0.325fixed 0.0.325

    An issue in langchain langchain-ai v.0.0.232 and before allows a remote attacker to execute arbitrary code via a crafted script to the PythonAstREPLTool._run component.

  • CVE-2023-38896Aug 15, 2023
    affected < 0.0.236fixed 0.0.236

    An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the from_math_prompt and from_colored_object_prompt functions.

  • CVE-2023-38860Aug 15, 2023
    affected < 0.0.247fixed 0.0.247

    An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter.

  • CVE-2023-36095Aug 5, 2023
    affected < 0.0.236fixed 0.0.236

    An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include from_math_prompt and from_colored_object_prompt.

  • CVE-2023-36189Jul 6, 2023
    affected < 0.0.247fixed 0.0.247

    SQL injection vulnerability in langchain before v0.0.247 allows a remote attacker to obtain sensitive information via the SQLDatabaseChain component.

  • CVE-2023-36188Jul 6, 2023
    affected < 0.0.236fixed 0.0.236

    An issue in langchain v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method.

  • CVE-2023-36258Jul 3, 2023
    affected < 0.0.247fixed 0.0.247

    An issue in LangChain before 0.0.236 allows an attacker to execute arbitrary code because Python code with os.system, exec, or eval can be used.

  • CVE-2023-34541Jun 20, 2023
    affected < 0.0.247fixed 0.0.247

    Langchain 0.0.171 is vulnerable to Arbitrary code execution in load_prompt.

  • CVE-2023-34540Jun 14, 2023
    affected < 0.0.225fixed 0.0.225

    Langchain before v0.0.225 was discovered to contain a remote code execution (RCE) vulnerability in the component JiraAPIWrapper (aka the JIRA API wrapper). This vulnerability allows attackers to execute arbitrary code via crafted input. As noted in the "releases/tag" reference, a

  • CVE-2023-29374Apr 5, 2023
    affected <= 0.0.131

    In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method.