Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/84528?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/84528?format=api", "purl": "pkg:pypi/langchain-core@0.2.0", "type": "pypi", "namespace": "", "name": "langchain-core", "version": "0.2.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "0.3.85", "latest_non_vulnerable_version": "1.3.3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56929?format=api", "vulnerability_id": "VCID-4u9s-4vzv-zfhm", "summary": "langchain-core allows unauthorized users to read arbitrary files from the host file system\nA vulnerability in langchain-core versions >=0.1.17,<0.1.53, >=0.2.0,<0.2.43, and >=0.3.0,<0.3.15 allows unauthorized users to read arbitrary files from the host file system. The issue arises from the ability to create langchain_core.prompts.ImagePromptTemplate's (and by extension langchain_core.prompts.ChatPromptTemplate's) with input variables that can read any user-specified path from the server file system. If the outputs of these prompt templates are exposed to the user, either directly or through downstream model outputs, it can lead to the exposure of sensitive information.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10940.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10940.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10940", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.51085", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.51069", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.51091", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10940" }, { "reference_url": "https://github.com/langchain-ai/langchain", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/langchain-ai/langchain" }, { "reference_url": "https://github.com/langchain-ai/langchain/commit/7d481f10102f43559cc57bcad7eba291067939ee", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/langchain-ai/langchain/commit/7d481f10102f43559cc57bcad7eba291067939ee" }, { "reference_url": "https://github.com/langchain-ai/langchain/commit/c1e742347f9701aadba8920e4d1f79a636e50b68", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T17:54:57Z/" } ], "url": "https://github.com/langchain-ai/langchain/commit/c1e742347f9701aadba8920e4d1f79a636e50b68" }, { "reference_url": "https://github.com/langchain-ai/langchain/commit/e711034713259ae448981bc0fd1d7a5671499c31", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/langchain-ai/langchain/commit/e711034713259ae448981bc0fd1d7a5671499c31" }, { "reference_url": "https://huntr.com/bounties/be1ee1cb-2147-4ff4-a57b-b6045271cf27", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T17:54:57Z/" } ], "url": "https://huntr.com/bounties/be1ee1cb-2147-4ff4-a57b-b6045271cf27" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2353815", "reference_id": "2353815", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2353815" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10940", "reference_id": "CVE-2024-10940", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10940" }, { "reference_url": "https://github.com/advisories/GHSA-5chr-fjjv-38qv", "reference_id": "GHSA-5chr-fjjv-38qv", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-5chr-fjjv-38qv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/84531?format=api", "purl": "pkg:pypi/langchain-core@0.2.43", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-61vg-ekxn-hqfv" }, { "vulnerability": "VCID-8fbt-6heb-uyg1" }, { "vulnerability": "VCID-91ur-jaq8-xqcj" }, { "vulnerability": "VCID-rn2w-tbct-4ygj" }, { "vulnerability": "VCID-z7kv-vrhw-1qad" }, { "vulnerability": "VCID-zb77-fwdy-dbfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-core@0.2.43" }, { "url": "http://public2.vulnerablecode.io/api/packages/84532?format=api", "purl": "pkg:pypi/langchain-core@0.3.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-61vg-ekxn-hqfv" }, { "vulnerability": "VCID-8fbt-6heb-uyg1" }, { "vulnerability": "VCID-91ur-jaq8-xqcj" }, { "vulnerability": "VCID-rn2w-tbct-4ygj" }, { "vulnerability": "VCID-z7kv-vrhw-1qad" }, { "vulnerability": "VCID-zb77-fwdy-dbfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-core@0.3.15" } ], "aliases": [ "CVE-2024-10940", "GHSA-5chr-fjjv-38qv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4u9s-4vzv-zfhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50114?format=api", "vulnerability_id": "VCID-61vg-ekxn-hqfv", "summary": "LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages\nThe `ChatOpenAI.get_num_tokens_from_messages()` method fetches arbitrary `image_url` values without validation when computing token counts for vision-enabled models. This allows attackers to trigger Server-Side Request Forgery (SSRF) attacks by providing malicious image URLs in user input.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26013.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26013.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26013", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05476", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05492", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05475", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26013" }, { "reference_url": "https://github.com/langchain-ai/langchain", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/langchain-ai/langchain" }, { "reference_url": "https://github.com/langchain-ai/langchain/commit/2b4b1dc29a833d4053deba4c2b77a3848c834565", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T21:26:20Z/" } ], "url": "https://github.com/langchain-ai/langchain/commit/2b4b1dc29a833d4053deba4c2b77a3848c834565" }, { "reference_url": "https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D1.2.11", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T21:26:20Z/" } ], "url": "https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D1.2.11" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438772", "reference_id": "2438772", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438772" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26013", "reference_id": "CVE-2026-26013", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26013" }, { "reference_url": "https://github.com/advisories/GHSA-2g6r-c272-w58r", "reference_id": "GHSA-2g6r-c272-w58r", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2g6r-c272-w58r" }, { "reference_url": "https://github.com/langchain-ai/langchain/security/advisories/GHSA-2g6r-c272-w58r", "reference_id": "GHSA-2g6r-c272-w58r", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T21:26:20Z/" } ], "url": "https://github.com/langchain-ai/langchain/security/advisories/GHSA-2g6r-c272-w58r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74005?format=api", "purl": "pkg:pypi/langchain-core@1.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rn2w-tbct-4ygj" }, { "vulnerability": "VCID-z7kv-vrhw-1qad" }, { "vulnerability": "VCID-zb77-fwdy-dbfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-core@1.2.11" } ], "aliases": [ "CVE-2026-26013", "GHSA-2g6r-c272-w58r" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-61vg-ekxn-hqfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49505?format=api", "vulnerability_id": "VCID-8fbt-6heb-uyg1", "summary": "LangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs\nA serialization injection vulnerability exists in LangChain's `dumps()` and `dumpd()` functions. The functions do not escape dictionaries with `'lc'` keys when serializing free-form dictionaries. The `'lc'` key is used internally by LangChain to mark serialized objects. When user-controlled data contains this key structure, it is treated as a legitimate LangChain object during deserialization rather than plain user data.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68664.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68664.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-68664", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02624", "scoring_system": "epss", "scoring_elements": "0.85979", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02624", "scoring_system": "epss", "scoring_elements": "0.85975", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-68664" }, { "reference_url": "https://github.com/langchain-ai/langchain", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/langchain-ai/langchain" }, { "reference_url": "https://github.com/langchain-ai/langchain/commit/5ec0fa69de31bbe3d76e4cf9cd65a6accb8466c8", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-24T14:40:55Z/" } ], "url": "https://github.com/langchain-ai/langchain/commit/5ec0fa69de31bbe3d76e4cf9cd65a6accb8466c8" }, { "reference_url": "https://github.com/langchain-ai/langchain/commit/d9ec4c5cc78960abd37da79b0250f5642e6f0ce6", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-24T14:40:55Z/" } ], "url": "https://github.com/langchain-ai/langchain/commit/d9ec4c5cc78960abd37da79b0250f5642e6f0ce6" }, { "reference_url": "https://github.com/langchain-ai/langchain/pull/34455", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-24T14:40:55Z/" } ], "url": "https://github.com/langchain-ai/langchain/pull/34455" }, { "reference_url": "https://github.com/langchain-ai/langchain/pull/34458", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-24T14:40:55Z/" } ], "url": "https://github.com/langchain-ai/langchain/pull/34458" }, { "reference_url": "https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D0.3.81", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-24T14:40:55Z/" } ], "url": "https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D0.3.81" }, { "reference_url": "https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D1.2.5", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-24T14:40:55Z/" } ], "url": "https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D1.2.5" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2424790", "reference_id": "2424790", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2424790" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52514.py", "reference_id": "CVE-2025-68664", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52514.py" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68664", "reference_id": "CVE-2025-68664", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68664" }, { "reference_url": "https://github.com/advisories/GHSA-c67j-w6g6-q2cm", "reference_id": "GHSA-c67j-w6g6-q2cm", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c67j-w6g6-q2cm" }, { "reference_url": "https://github.com/langchain-ai/langchain/security/advisories/GHSA-c67j-w6g6-q2cm", "reference_id": "GHSA-c67j-w6g6-q2cm", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-24T14:40:55Z/" } ], "url": "https://github.com/langchain-ai/langchain/security/advisories/GHSA-c67j-w6g6-q2cm" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0406", "reference_id": "RHSA-2026:0406", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0406" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0408", "reference_id": "RHSA-2026:0408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0409", "reference_id": "RHSA-2026:0409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1610", "reference_id": "RHSA-2026:1610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1610" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73092?format=api", "purl": "pkg:pypi/langchain-core@0.3.81", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-61vg-ekxn-hqfv" }, { "vulnerability": "VCID-rn2w-tbct-4ygj" }, { "vulnerability": "VCID-z7kv-vrhw-1qad" }, { "vulnerability": "VCID-zb77-fwdy-dbfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-core@0.3.81" }, { "url": "http://public2.vulnerablecode.io/api/packages/921249?format=api", "purl": "pkg:pypi/langchain-core@0.4.0.dev0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-61vg-ekxn-hqfv" }, { "vulnerability": "VCID-zb77-fwdy-dbfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-core@0.4.0.dev0" }, { "url": "http://public2.vulnerablecode.io/api/packages/73091?format=api", "purl": "pkg:pypi/langchain-core@1.2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-61vg-ekxn-hqfv" }, { "vulnerability": "VCID-rn2w-tbct-4ygj" }, { "vulnerability": "VCID-z7kv-vrhw-1qad" }, { "vulnerability": "VCID-zb77-fwdy-dbfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-core@1.2.5" } ], "aliases": [ "CVE-2025-68664", "GHSA-c67j-w6g6-q2cm" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8fbt-6heb-uyg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48427?format=api", "vulnerability_id": "VCID-91ur-jaq8-xqcj", "summary": "Duplicate\nThis advisory duplicates another.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-65106.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-65106.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-65106", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16548", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16593", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.1659", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-65106" }, { "reference_url": "https://github.com/langchain-ai/langchain", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/langchain-ai/langchain" }, { "reference_url": "https://github.com/langchain-ai/langchain/commit/c4b6ba254e1a49ed91f2e268e6484011c540542a", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-21T21:53:02Z/" } ], "url": "https://github.com/langchain-ai/langchain/commit/c4b6ba254e1a49ed91f2e268e6484011c540542a" }, { "reference_url": "https://github.com/langchain-ai/langchain/commit/fa7789d6c21222b85211755d822ef698d3b34e00", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-21T21:53:02Z/" } ], "url": "https://github.com/langchain-ai/langchain/commit/fa7789d6c21222b85211755d822ef698d3b34e00" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416504", "reference_id": "2416504", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416504" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65106", "reference_id": "CVE-2025-65106", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65106" }, { "reference_url": "https://github.com/advisories/GHSA-6qv9-48xg-fc7f", "reference_id": "GHSA-6qv9-48xg-fc7f", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6qv9-48xg-fc7f" }, { "reference_url": "https://github.com/langchain-ai/langchain/security/advisories/GHSA-6qv9-48xg-fc7f", "reference_id": "GHSA-6qv9-48xg-fc7f", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-21T21:53:02Z/" } ], "url": "https://github.com/langchain-ai/langchain/security/advisories/GHSA-6qv9-48xg-fc7f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/71480?format=api", "purl": "pkg:pypi/langchain-core@0.3.80", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-61vg-ekxn-hqfv" }, { "vulnerability": "VCID-8fbt-6heb-uyg1" }, { "vulnerability": "VCID-rn2w-tbct-4ygj" }, { "vulnerability": "VCID-z7kv-vrhw-1qad" }, { "vulnerability": "VCID-zb77-fwdy-dbfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-core@0.3.80" }, { "url": "http://public2.vulnerablecode.io/api/packages/71479?format=api", "purl": "pkg:pypi/langchain-core@1.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-61vg-ekxn-hqfv" }, { "vulnerability": "VCID-8fbt-6heb-uyg1" }, { "vulnerability": "VCID-rn2w-tbct-4ygj" }, { "vulnerability": "VCID-z7kv-vrhw-1qad" }, { "vulnerability": "VCID-zb77-fwdy-dbfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-core@1.0.7" } ], "aliases": [ "CVE-2025-65106", "GHSA-6qv9-48xg-fc7f" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-91ur-jaq8-xqcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95522?format=api", "vulnerability_id": "VCID-rn2w-tbct-4ygj", "summary": "LangChain vulnerable to unsafe deserialization of attacker-controlled objects through overly broad `load()` allowlists\nLangChain contains older runtime code paths that deserialize run inputs, run outputs, or other application-controlled payloads using overly broad object allowlists. These paths may call `load()` with `allowed_objects=\"all\"`. This does not enable arbitrary Python object deserialization, but it does allow any trusted LangChain-serializable object to be revived, which is broader than these runtime paths require. As a result, attacker-supplied LangChain serialized constructor dictionaries may cause trusted runtime paths to instantiate classes with untrusted constructor arguments.\n\nApplications are exposed only when all of the following are true:\n\n1. The application accepts untrusted structured input, such as JSON, from a user or network request.\n2. The application does not validate or canonicalize that input into an inert schema before invoking LangChain.\n3. Attacker-controlled nested dictionaries or lists are preserved in LangChain run inputs or outputs.\n4. The application uses an affected API path that later deserializes that run data.\n\nKnown affected runtime surfaces include:\n\n- `RunnableWithMessageHistory`\n- `astream_log()`\n- `astream_events(version=\"v1\")`\n\nRelated unsafe deserialization patterns may also affect applications that explicitly load serialized LangChain prompt or runnable objects from untrusted sources, including shared prompt stores, Hub artifacts with model configuration, or other application-controlled serialization stores.\n\nApplications that validate incoming requests against a fixed schema, such as coercing user input to a plain string or message-content field before invoking LangChain, are unlikely to expose this deserialization primitive.\n\nThis release also fixes a related secret-marker validation bypass in the serialization and deserialization layer (`_is_lc_secret`). That issue creates an additional path by which attacker-controlled constructor dictionaries can avoid escaping during `dumps()` -> `loads()` round-trips and reach LangChain object revival logic.\n\n## Impact\n\nAn attacker who can submit untrusted structured input to an affected application, and have that structure preserved in LangChain run data, may be able to inject LangChain serialized constructor payloads such as:\n\n```json\n{\n \"lc\": 1,\n \"type\": \"constructor\",\n \"id\": [\"langchain_core\", \"messages\", \"ai\", \"AIMessage\"],\n \"kwargs\": {\"content\": \"attacker-controlled content\"}\n}\n```\n\nIf this payload reaches a broad `load()` call, LangChain may instantiate the referenced class instead of treating the payload as inert user data.\n\nRealistic impacts include:\n\n- Persistent chat-history poisoning when revived `AIMessage`, `HumanMessage`, or `SystemMessage` objects are stored by `RunnableWithMessageHistory`.\n- Prompt injection or behavior manipulation if attacker-controlled messages are later included in model context.\n- Instantiation of unexpected trusted LangChain objects with attacker-controlled constructor arguments.\n- Possible credential disclosure or server-side requests if a reachable object reads environment credentials, creates clients, or contacts attacker-controlled endpoints during initialization.\n- Additional prompt-template or runnable-configuration impacts in applications that separately load and execute untrusted serialized LangChain objects.\n\n## Remediation\n\nLangChain will deprecate the affected APIs as part of this fix:\n\n- `RunnableWithMessageHistory`\n- `astream_log()`\n- `astream_events(version=\"v1\")`\n\nThese are older code paths that are no longer recommended for new applications. They were not previously marked as deprecated, but recent LangChain documentation has primarily directed users toward newer streaming and memory patterns, including the `stream` API. Applications should migrate to the currently recommended APIs rather than continue depending on these older surfaces.\n\nSeparately, LangChain will update `load()` and `loads()` to tighten deserialization behavior so broad object revival is not applied implicitly to untrusted or application-controlled payloads. The older runtime surfaces listed above are being deprecated rather than preserved as supported paths for broad runtime deserialization.\n\nThis release also fixes a related secret-marker validation bypass in the serialization and deserialization layer (`_is_lc_secret`). That issue creates an additional path by which attacker-controlled constructor dictionaries can avoid escaping during `dumps()` -> `loads()` round-trips and reach LangChain object revival logic.\n\n## Guidance for `load()` and `loads()`\n\n`load()` and `loads()` should be used only with trusted LangChain manifests or serialized objects from trusted storage. Do not pass user-controlled data to `load()` or `loads()`, and do not use them as general parsers for request bodies, tool inputs, chat messages, or other attacker-controlled data.\n\n`load()` and `loads()` are beta APIs, and their behavior may change as LangChain narrows unsafe defaults. Future LangChain versions will require callers to be explicit about which objects may be revived. Users should pass a narrow `allowed_objects` value appropriate for the specific trusted manifest they are loading, rather than relying on broad defaults or `allowed_objects=\"all\"`, which permits the full trusted LangChain serialization allowlist.\n\n## Credits\n\nThe original issue was first reported by @u-ktdi.\n\nSimilar findings were reported by @dewankpant, @shrutilohani, @Moaaz-0x, @pucagit.\n\nA related `_is_lc_secret` marker bypass affecting `dumps()` -> `loads()` round-trips was reported by @yardenporat353 (and a similar report by @localhost-detect)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-44843", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.14198", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.1423", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.14233", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-44843" }, { "reference_url": "https://github.com/langchain-ai/langchain", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/langchain-ai/langchain" }, { "reference_url": "https://github.com/langchain-ai/langchain/security/advisories/GHSA-pjwx-r37v-7724", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T14:06:50Z/" } ], "url": "https://github.com/langchain-ai/langchain/security/advisories/GHSA-pjwx-r37v-7724" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44843", "reference_id": "CVE-2026-44843", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44843" }, { "reference_url": "https://github.com/advisories/GHSA-pjwx-r37v-7724", "reference_id": "GHSA-pjwx-r37v-7724", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pjwx-r37v-7724" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/119708?format=api", "purl": "pkg:pypi/langchain-core@0.3.85", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-core@0.3.85" }, { "url": "http://public2.vulnerablecode.io/api/packages/119707?format=api", "purl": "pkg:pypi/langchain-core@1.3.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-core@1.3.3" } ], "aliases": [ "CVE-2026-44843", "GHSA-pjwx-r37v-7724" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rn2w-tbct-4ygj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62924?format=api", "vulnerability_id": "VCID-z7kv-vrhw-1qad", "summary": "langchain: incomplete f-string validation in prompt templates", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40087.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40087.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-40087", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17482", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17523", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17518", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-40087" }, { "reference_url": "https://github.com/langchain-ai/langchain", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/langchain-ai/langchain" }, { "reference_url": "https://github.com/langchain-ai/langchain/commit/6bab0ba3c12328008ddca3e0d54ff5a6151cd27b", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T14:47:52Z/" } ], "url": "https://github.com/langchain-ai/langchain/commit/6bab0ba3c12328008ddca3e0d54ff5a6151cd27b" }, { "reference_url": "https://github.com/langchain-ai/langchain/commit/af2ed47c6f008cdd551f3c0d87db3774c8dfe258", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T14:47:52Z/" } ], "url": "https://github.com/langchain-ai/langchain/commit/af2ed47c6f008cdd551f3c0d87db3774c8dfe258" }, { "reference_url": "https://github.com/langchain-ai/langchain/pull/36612", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T14:47:52Z/" } ], "url": "https://github.com/langchain-ai/langchain/pull/36612" }, { "reference_url": "https://github.com/langchain-ai/langchain/pull/36613", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T14:47:52Z/" } ], "url": "https://github.com/langchain-ai/langchain/pull/36613" }, { "reference_url": "https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D0.3.84", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T14:47:52Z/" } ], "url": "https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D0.3.84" }, { "reference_url": "https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D1.2.28", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T14:47:52Z/" } ], "url": "https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D1.2.28" }, { "reference_url": "https://github.com/langchain-ai/langchain/security/advisories/GHSA-926x-3r5x-gfhw", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T14:47:52Z/" } ], "url": "https://github.com/langchain-ai/langchain/security/advisories/GHSA-926x-3r5x-gfhw" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40087", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40087" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457024", "reference_id": "2457024", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457024" }, { "reference_url": "https://github.com/advisories/GHSA-926x-3r5x-gfhw", "reference_id": "GHSA-926x-3r5x-gfhw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-926x-3r5x-gfhw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/111126?format=api", "purl": "pkg:pypi/langchain-core@0.3.84", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rn2w-tbct-4ygj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-core@0.3.84" }, { "url": "http://public2.vulnerablecode.io/api/packages/921249?format=api", "purl": "pkg:pypi/langchain-core@0.4.0.dev0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-61vg-ekxn-hqfv" }, { "vulnerability": "VCID-zb77-fwdy-dbfy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-core@0.4.0.dev0" }, { "url": "http://public2.vulnerablecode.io/api/packages/111127?format=api", "purl": "pkg:pypi/langchain-core@1.2.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rn2w-tbct-4ygj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-core@1.2.28" } ], "aliases": [ "CVE-2026-40087", "GHSA-926x-3r5x-gfhw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z7kv-vrhw-1qad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63944?format=api", "vulnerability_id": "VCID-zb77-fwdy-dbfy", "summary": "langchain: path traversal in legacy load_prompt functions in langchain-core", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34070.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34070.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34070", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10901", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1089", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11373", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34070" }, { "reference_url": "https://github.com/langchain-ai/langchain", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/langchain-ai/langchain" }, { "reference_url": "https://github.com/langchain-ai/langchain/commit/27add913474e01e33bededf4096151130ba0d47c", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:17:33Z/" } ], "url": "https://github.com/langchain-ai/langchain/commit/27add913474e01e33bededf4096151130ba0d47c" }, { "reference_url": "https://github.com/langchain-ai/langchain/releases/tag/langchain-core==1.2.22", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:17:33Z/" } ], "url": "https://github.com/langchain-ai/langchain/releases/tag/langchain-core==1.2.22" }, { "reference_url": "https://github.com/langchain-ai/langchain/security/advisories/GHSA-qh6h-p6c9-ff54", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T15:17:33Z/" } ], "url": "https://github.com/langchain-ai/langchain/security/advisories/GHSA-qh6h-p6c9-ff54" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34070", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34070" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453287", "reference_id": "2453287", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453287" }, { "reference_url": "https://github.com/advisories/GHSA-qh6h-p6c9-ff54", "reference_id": "GHSA-qh6h-p6c9-ff54", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qh6h-p6c9-ff54" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/114400?format=api", "purl": "pkg:pypi/langchain-core@1.2.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-rn2w-tbct-4ygj" }, { "vulnerability": "VCID-z7kv-vrhw-1qad" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-core@1.2.22" } ], "aliases": [ "CVE-2026-34070", "GHSA-qh6h-p6c9-ff54" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zb77-fwdy-dbfy" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-core@0.2.0" }