VYPR

Langchain

by Langchain AI

pypi: langchain

Source repositories

CVEs (32)

  • CVE-2025-46059CriJul 29, 2025
    risk 0.64cvss 9.8epss 0.01

    langchain-ai v0.3.51 was discovered to contain an indirect prompt injection vulnerability in the GmailToolkit component. This vulnerability allows attackers to execute arbitrary code and compromise the application via a crafted email message. NOTE: this is disputed by the…

  • CVE-2026-30617HigApr 15, 2026
    risk 0.56cvss 8.6epss 0.00

    LangChain-ChatChat 0.3.1 contains a remote code execution vulnerability in its MCP STDIO server configuration and execution handling. A remote attacker can access the publicly exposed MCP management interface and configure an MCP STDIO server with attacker-controlled commands…

  • CVE-2026-44843HigMay 26, 2026
    risk 0.53cvss 8.2epss 0.00

    LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.85 and 1.3.3, LangChain contains older runtime code paths that deserialize run inputs, run outputs, or other application-controlled payloads using overly broad object allowlists. These paths…

  • CVE-2025-65106HigNov 21, 2025
    risk 0.47cvss epss 0.00

    LangChain is a framework for building agents and LLM-powered applications. From versions 0.3.79 and prior and 1.0.0 to 1.0.6, a template injection vulnerability exists in LangChain's prompt template system that allows attackers to access Python object internals through template…

  • CVE-2025-6985HigOct 6, 2025
    risk 0.42cvss 7.5epss 0.01

    The HTMLSectionSplitter class in langchain-text-splitters version 0.3.8 is vulnerable to XML External Entity (XXE) attacks due to unsafe XSLT parsing. This vulnerability arises because the class allows the use of arbitrary XSLT stylesheets, which are parsed using…

  • CVE-2024-10940MedMar 20, 2025
    risk 0.27cvss 5.3epss 0.00

    A vulnerability in langchain-core versions >=0.1.17,<0.1.53, >=0.2.0,<0.2.43, and >=0.3.0,<0.3.15 allows unauthorized users to read arbitrary files from the host file system. The issue arises from the ability to create langchain_core.prompts.ImagePromptTemplate's (and by…

  • CVE-2026-41488LowApr 24, 2026
    risk 0.20cvss 3.1epss 0.00

    LangChain is a framework for building agents and LLM-powered applications. Prior to 1.1.14, langchain-openai's _url_to_size() helper (used by get_num_tokens_from_messages for image token counting) validated URLs for SSRF protection and then fetched them in a separate network…

  • CVE-2026-55443Jun 22, 2026
    risk 0.00cvss epss 0.00

    LangChain is a framework for building agents and LLM-powered applications. Prior to 1.3.9, several LangChain components that resolve filesystem paths or expand search patterns do not consistently confine the resolved path to the intended root directory. Affected behaviors…

  • CVE-2026-26013Feb 10, 2026
    risk 0.00cvss epss 0.00

    LangChain is a framework for building agents and LLM-powered applications. Prior to 1.2.11, the ChatOpenAI.get_num_tokens_from_messages() method fetches arbitrary image_url values without validation when computing token counts for vision-enabled models. This allows attackers to…

  • CVE-2024-58340Jan 12, 2026
    risk 0.00cvss epss 0.00

    LangChain versions up to and including 0.3.1 contain a regular expression denial-of-service (ReDoS) vulnerability in the MRKLOutputParser.parse() method (libs/langchain/langchain/agents/mrkl/output_parser.py). The parser applies a backtracking-prone regular expression when…

  • CVE-2025-68664Dec 23, 2025
    risk 0.00cvss epss 0.14

    LangChain is a framework for building agents and LLM-powered applications. Prior to versions 0.3.81 and 1.2.5, a serialization injection vulnerability exists in LangChain's dumps() and dumpd() functions. The functions do not escape dictionaries with 'lc' keys when serializing…

  • CVE-2025-2828Jun 23, 2025
    risk 0.00cvss epss 0.14

    A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit component of the langchain-community package (specifically, langchain_community.agent_toolkits.openapi.toolkit.RequestsToolkit) in langchain-ai/langchain version 0.0.27. This vulnerability occurs…

  • CVE-2024-8309Oct 29, 2024
    risk 0.00cvss epss 0.14

    A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial of service (DoS) by deleting all data, breaches in…

  • CVE-2024-5998Sep 17, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the FAISS.deserialize_from_bytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. The issue affects the latest version of the product.

  • CVE-2024-21513Jul 15, 2024
    risk 0.00cvss epss 0.02

    Versions of the package langchain-experimental from 0.0.15 and before 0.0.21 are vulnerable to Arbitrary Code Execution when retrieving values from the database, the code will attempt to call 'eval' on all values. An attacker can exploit this vulnerability and execute arbitrary…

  • CVE-2024-2965Jun 6, 2024
    risk 0.00cvss epss 0.00

    A Denial-of-Service (DoS) vulnerability exists in the `SitemapLoader` class of the `langchain-ai/langchain` repository, affecting all versions. The `parse_sitemap` method, responsible for parsing sitemaps and extracting URLs, lacks a mechanism to prevent infinite recursion when…

  • CVE-2024-3095Jun 6, 2024
    risk 0.00cvss epss 0.01

    A Server-Side Request Forgery (SSRF) vulnerability exists in the Web Research Retriever component of langchain-ai/langchain version 0.1.5. The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet addresses, allowing it to reach…

  • CVE-2024-3571Apr 16, 2024
    risk 0.00cvss epss 0.02

    langchain-ai/langchain is vulnerable to path traversal due to improper limitation of a pathname to a restricted directory ('Path Traversal') in its LocalFileStore functionality. An attacker can leverage this vulnerability to read or write files anywhere on the filesystem,…

  • CVE-2024-1455Mar 26, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the langchain-ai/langchain repository allows for a Billion Laughs Attack, a type of XML External Entity (XXE) exploitation. By nesting multiple layers of entities within an XML document, an attacker can cause the XML parser to consume excessive CPU and memory…

  • CVE-2024-28088Mar 3, 2024
    risk 0.00cvss epss 0.02

    LangChain through 0.1.10 allows ../ directory traversal by an actor who is able to control the final part of the path parameter in a load_chain call. This bypasses the intended behavior of loading configurations only from the hwchase17/langchain-hub GitHub repository. The…

Page 1 of 2