langchain-ai — Vulnerabilities & Security Advisories 34

Browse all 34 CVE security advisories affecting langchain-ai. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Langchain-ai provides a framework for developing applications powered by large language models, primarily facilitating the integration of external data sources and tools into AI workflows. Its architecture, which often involves dynamic code execution and complex dependency management, has historically exposed users to significant risks. Security audits reveal thirty-four recorded Common Vulnerabilities and Exposures (CVEs), predominantly involving remote code execution, arbitrary file reads, and injection flaws. These vulnerabilities frequently stem from insufficient input validation in prompt templates and unsafe handling of untrusted data within chains. Notable incidents include critical flaws allowing attackers to execute arbitrary commands on host systems through manipulated LLM outputs or malicious tool definitions. The project’s reliance on third-party libraries and its flexible, often opaque, execution paths have contributed to a high vulnerability surface. Users must rigorously sanitize inputs and isolate execution environments to mitigate these inherent risks associated with dynamic AI application development.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-41488 | langchain-openai: Image token counting SSRF protection can be bypassed via DNS rebinding — langchain-openai (CWE-918) | 3.1 | Low | 2026-04-24 |
| CVE-2026-41481 | LangChain: HTMLHeaderTextSplitter.split_text_from_url SSRF Redirect Bypass — langchain-text-splitters (CWE-918) | 6.5 | Medium | 2026-04-24 |
| CVE-2026-41182 | LangSmith SDK: Streaming token events bypass output redaction — langsmith-sdk (CWE-200) | 5.3 | Medium | 2026-04-23 |
| CVE-2026-40190 | LangSmith Client SDKs has Prototype Pollution in langsmith-sdk via Incomplete `__proto__` Guard in Internal lodash `set()` — langsmith-sdk (CWE-1321) | 5.6 | Medium | 2026-04-10 |
| CVE-2026-40087 | LangChain has incomplete f-string validation in prompt templates — langchain (CWE-1336) | 5.3 | Medium | 2026-04-09 |
| CVE-2026-34070 | LangChain Core has Path Traversal vulnerabilities in legacy `load_prompt` functions — langchain (CWE-22) | 7.5 | High | 2026-03-31 |
| CVE-2026-28277 | LangGraph: Unsafe msgpack deserialization in LangGraph checkpoint loading — langgraph (CWE-502) | 6.8 | Medium | 2026-03-05 |
| CVE-2026-25750 | LangSmith Studio has URL Parameter Injection Vulnerability that Enables Token Theft via Malicious baseUrl — helm (CWE-74) | 8.9 (AI) | High (AI) | 2026-03-04 |
| CVE-2026-27795 | LangChain Community: redirect chaining can lead to SSRF bypass via RecursiveUrlLoader — langchainjs (CWE-918) | 4.1 | Medium | 2026-02-25 |
| CVE-2026-27794 | LangGraph: BaseCache Deserialization of Untrusted Data may lead to Remote Code Execution — langgraph-checkpoint (CWE-502) | 6.6 | Medium | 2026-02-25 |
| CVE-2026-27022 | RediSearch Query Injection in @langchain/langgraph-checkpoint-redis — langgraphjs (CWE-74) | 6.5 | Medium | 2026-02-20 |
| CVE-2026-26019 | @langchain/community affected by SSRF Bypass in RecursiveUrlLoader via insufficient URL origin validation — langchainjs (CWE-918) | 4.1 | Medium | 2026-02-11 |
| CVE-2026-26013 | LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages — langchain (CWE-918) | 3.7 | Low | 2026-02-10 |
| CVE-2026-25528 | LangSmith Client SDK Affected by Server-Side Request Forgery via Tracing Header Injection — langsmith-sdk (CWE-918) | 5.8 | Medium | 2026-02-09 |
| CVE-2025-68665 | LangChain serialization injection vulnerability enables secret extraction — langchainjs (CWE-502) | 8.6 | High | 2025-12-23 |
| CVE-2025-68664 | LangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs — langchain (CWE-502) | 9.3 | Critical | 2025-12-23 |
| CVE-2025-67644 | LangGraph SQLite Checkpoint is vulnerable to SQL Injection via metadata filter key in checkpointer list method — langgraph (CWE-89) | 7.3 | High | 2025-12-10 |
| CVE-2025-65106 | LangChain Vulnerable to Template Injection via Attribute Access in Prompt Templates — langchain (CWE-1336) | 8.8 | - | 2025-11-21 |
| CVE-2025-64439 | LangGraph Checkpoint affected by RCE in "json" mode of JsonPlusSerializer — langgraph (CWE-502) | 8.8 | - | 2025-11-07 |
| CVE-2025-64104 | LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore — langgraph (CWE-89) | 7.3 | High | 2025-10-29 |
| CVE-2025-8709 | SQL Injection in langchain-ai/langchain — langchain-ai/langchain (CWE-89) | 9.8 | - | 2025-10-26 |
| CVE-2025-6985 | XXE Vulnerability in langchain-ai/langchain — langchain-ai/langchain (CWE-611) | 7.5 (AI) | High (AI) | 2025-10-06 |
| CVE-2025-6984 | Sensitive Information Disclosure Due to Insecure XML Parsing in langchain-ai/langchain — langchain-ai/langchain (CWE-200) | 7.5 | - | 2025-09-04 |
| CVE-2025-2828 | SSRF Vulnerability in RequestsToolkit in langchain-ai/langchain — langchain-ai/langchain (CWE-918) | 7.5 | - | 2025-06-23 |
| CVE-2024-10940 | Exposure of Sensitive System Information via ImagePromptTemplate in langchain-ai/langchain — langchain-ai/langchain (CWE-497) | 7.5 | - | 2025-03-20 |
| CVE-2024-8309 | SQL Injection in langchain-ai/langchain — langchain-ai/langchain (CWE-89) | 9.8 | - | 2024-10-29 |
| CVE-2024-7042 | Prompt Injection in langchain-ai/langchainjs Leading to SQL Injection — langchain-ai/langchainjs (CWE-89) | 9.8 (AI) | Critical (AI) | 2024-10-29 |
| CVE-2024-7774 | Path Traversal in langchain-ai/langchainjs — langchain-ai/langchainjs (CWE-29) | 9.8 (AI) | Critical (AI) | 2024-10-29 |
| CVE-2024-5998 | Deserialization of Untrusted Data in langchain-ai/langchain — langchain-ai/langchain (CWE-502) | 9.8 | - | 2024-09-17 |
| CVE-2024-2965 | Denial-of-Service in LangChain SitemapLoader in langchain-ai/langchain — langchain-ai/langchain (CWE-674) | 7.5 (AI) | High (AI) | 2024-06-06 |

This page lists every published CVE security advisory associated with langchain-ai. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.