{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58067?format=json","vulnerability_id":"VCID-wjve-gbrh-5khy","summary":"Langchain Community Vulnerable to XML External Entity (XXE) Attacks\nThe langchain-ai/langchain project, specifically the EverNoteLoader component, is vulnerable to XML External Entity (XXE) attacks due to insecure XML parsing. The vulnerability arises from the use of etree.iterparse() without disabling external entity references, which can lead to sensitive information disclosure. An attacker could exploit this by crafting a malicious XML payload that references local files, potentially exposing sensitive data such as /etc/passwd. This issue has been fixed in 0.3.27 of langchain-community.","aliases":[{"alias":"CVE-2025-6984"},{"alias":"GHSA-pc6w-59fv-rh23"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86399?format=json","purl":"pkg:pypi/langchain-community@0.3.27","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.27"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45836?format=json","purl":"pkg:pypi/langchain-community@0.0.1rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.1rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/45837?format=json","purl":"pkg:pypi/langchain-community@0.0.1rc2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.1rc2"},{"url":"http://public2.vulnerablecode.io/api/packages/45838?format=json","purl":"pkg:pypi/langchain-community@0.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/45839?format=json","purl":"pkg:pypi/langchain-community@0.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/45840?format=json","purl":"pkg:pypi/langchain-community@0.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/45841?format=json","purl":"pkg:pypi/langchain-community@0.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/45842?format=json","purl":"pkg:pypi/langchain-community@0.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/45843?format=json","purl":"pkg:pypi/langchain-community@0.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/45844?format=json","purl":"pkg:pypi/langchain-community@0.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/45845?format=json","purl":"pkg:pypi/langchain-community@0.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/45846?format=json","purl":"pkg:pypi/langchain-community@0.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/45847?format=json","purl":"pkg:pypi/langchain-community@0.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/45848?format=json","purl":"pkg:pypi/langchain-community@0.0.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.11"},{"url":"http://public2.vulnerablecode.io/api/packages/45849?format=json","purl":"pkg:pypi/langchain-community@0.0.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.12"},{"url":"http://public2.vulnerablecode.io/api/packages/45850?format=json","purl":"pkg:pypi/langchain-community@0.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/45851?format=json","purl":"pkg:pypi/langchain-community@0.0.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/45852?format=json","purl":"pkg:pypi/langchain-community@0.0.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/45853?format=json","purl":"pkg:pypi/langchain-community@0.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.16"},{"url":"http://public2.vulnerablecode.io/api/packages/45854?format=json","purl":"pkg:pypi/langchain-community@0.0.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.17"},{"url":"http://public2.vulnerablecode.io/api/packages/45855?format=json","purl":"pkg:pypi/langchain-community@0.0.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.18"},{"url":"http://public2.vulnerablecode.io/api/packages/45856?format=json","purl":"pkg:pypi/langchain-community@0.0.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.19"},{"url":"http://public2.vulnerablecode.io/api/packages/45857?format=json","purl":"pkg:pypi/langchain-community@0.0.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.20"},{"url":"http://public2.vulnerablecode.io/api/packages/45858?format=json","purl":"pkg:pypi/langchain-community@0.0.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.21"},{"url":"http://public2.vulnerablecode.io/api/packages/45859?format=json","purl":"pkg:pypi/langchain-community@0.0.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.22"},{"url":"http://public2.vulnerablecode.io/api/packages/45860?format=json","purl":"pkg:pypi/langchain-community@0.0.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.23"},{"url":"http://public2.vulnerablecode.io/api/packages/45861?format=json","purl":"pkg:pypi/langchain-community@0.0.24","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.24"},{"url":"http://public2.vulnerablecode.io/api/packages/45862?format=json","purl":"pkg:pypi/langchain-community@0.0.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.25"},{"url":"http://public2.vulnerablecode.io/api/packages/45863?format=json","purl":"pkg:pypi/langchain-community@0.0.26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.26"},{"url":"http://public2.vulnerablecode.io/api/packages/45864?format=json","purl":"pkg:pypi/langchain-community@0.0.27","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-n4qg-8vj9-dke9"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.27"},{"url":"http://public2.vulnerablecode.io/api/packages/45865?format=json","purl":"pkg:pypi/langchain-community@0.0.28","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.28"},{"url":"http://public2.vulnerablecode.io/api/packages/743306?format=json","purl":"pkg:pypi/langchain-community@0.0.29","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.29"},{"url":"http://public2.vulnerablecode.io/api/packages/743307?format=json","purl":"pkg:pypi/langchain-community@0.0.30","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.30"},{"url":"http://public2.vulnerablecode.io/api/packages/743308?format=json","purl":"pkg:pypi/langchain-community@0.0.31","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.31"},{"url":"http://public2.vulnerablecode.io/api/packages/743309?format=json","purl":"pkg:pypi/langchain-community@0.0.32","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.32"},{"url":"http://public2.vulnerablecode.io/api/packages/743310?format=json","purl":"pkg:pypi/langchain-community@0.0.33","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.33"},{"url":"http://public2.vulnerablecode.io/api/packages/743311?format=json","purl":"pkg:pypi/langchain-community@0.0.34","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.34"},{"url":"http://public2.vulnerablecode.io/api/packages/743312?format=json","purl":"pkg:pypi/langchain-community@0.0.35","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.35"},{"url":"http://public2.vulnerablecode.io/api/packages/743313?format=json","purl":"pkg:pypi/langchain-community@0.0.36","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.36"},{"url":"http://public2.vulnerablecode.io/api/packages/743314?format=json","purl":"pkg:pypi/langchain-community@0.0.37","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.37"},{"url":"http://public2.vulnerablecode.io/api/packages/743315?format=json","purl":"pkg:pypi/langchain-community@0.0.38","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.0.38"},{"url":"http://public2.vulnerablecode.io/api/packages/743316?format=json","purl":"pkg:pypi/langchain-community@0.2.0rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.0rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/43778?format=json","purl":"pkg:pypi/langchain-community@0.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/43779?format=json","purl":"pkg:pypi/langchain-community@0.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/43780?format=json","purl":"pkg:pypi/langchain-community@0.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/43781?format=json","purl":"pkg:pypi/langchain-community@0.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-7teg-apyx-47dv"},{"vulnerability":"VCID-964p-24u8-yucb"},{"vulnerability":"VCID-hdc6-zar9-zkf2"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/43782?format=json","purl":"pkg:pypi/langchain-community@0.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.4"},{"url":"http://public2.vulnerablecode.io/api/packages/43783?format=json","purl":"pkg:pypi/langchain-community@0.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.5"},{"url":"http://public2.vulnerablecode.io/api/packages/43784?format=json","purl":"pkg:pypi/langchain-community@0.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/43785?format=json","purl":"pkg:pypi/langchain-community@0.2.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.7"},{"url":"http://public2.vulnerablecode.io/api/packages/43786?format=json","purl":"pkg:pypi/langchain-community@0.2.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.9"},{"url":"http://public2.vulnerablecode.io/api/packages/43787?format=json","purl":"pkg:pypi/langchain-community@0.2.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.10"},{"url":"http://public2.vulnerablecode.io/api/packages/43788?format=json","purl":"pkg:pypi/langchain-community@0.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.11"},{"url":"http://public2.vulnerablecode.io/api/packages/43789?format=json","purl":"pkg:pypi/langchain-community@0.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.12"},{"url":"http://public2.vulnerablecode.io/api/packages/43790?format=json","purl":"pkg:pypi/langchain-community@0.2.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.13"},{"url":"http://public2.vulnerablecode.io/api/packages/43791?format=json","purl":"pkg:pypi/langchain-community@0.2.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.14"},{"url":"http://public2.vulnerablecode.io/api/packages/43792?format=json","purl":"pkg:pypi/langchain-community@0.2.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.15"},{"url":"http://public2.vulnerablecode.io/api/packages/43793?format=json","purl":"pkg:pypi/langchain-community@0.2.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.16"},{"url":"http://public2.vulnerablecode.io/api/packages/43794?format=json","purl":"pkg:pypi/langchain-community@0.2.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.17"},{"url":"http://public2.vulnerablecode.io/api/packages/43795?format=json","purl":"pkg:pypi/langchain-community@0.2.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.18"},{"url":"http://public2.vulnerablecode.io/api/packages/43796?format=json","purl":"pkg:pypi/langchain-community@0.2.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.2.19"},{"url":"http://public2.vulnerablecode.io/api/packages/43797?format=json","purl":"pkg:pypi/langchain-community@0.3.0.dev1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.0.dev1"},{"url":"http://public2.vulnerablecode.io/api/packages/43798?format=json","purl":"pkg:pypi/langchain-community@0.3.0.dev2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-23um-cqks-tkc5"},{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.0.dev2"},{"url":"http://public2.vulnerablecode.io/api/packages/43799?format=json","purl":"pkg:pypi/langchain-community@0.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/857769?format=json","purl":"pkg:pypi/langchain-community@0.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/857770?format=json","purl":"pkg:pypi/langchain-community@0.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/857771?format=json","purl":"pkg:pypi/langchain-community@0.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.3"},{"url":"http://public2.vulnerablecode.io/api/packages/857772?format=json","purl":"pkg:pypi/langchain-community@0.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/857773?format=json","purl":"pkg:pypi/langchain-community@0.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/857774?format=json","purl":"pkg:pypi/langchain-community@0.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/857775?format=json","purl":"pkg:pypi/langchain-community@0.3.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.7"},{"url":"http://public2.vulnerablecode.io/api/packages/857776?format=json","purl":"pkg:pypi/langchain-community@0.3.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.8"},{"url":"http://public2.vulnerablecode.io/api/packages/857777?format=json","purl":"pkg:pypi/langchain-community@0.3.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.9"},{"url":"http://public2.vulnerablecode.io/api/packages/857778?format=json","purl":"pkg:pypi/langchain-community@0.3.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.10"},{"url":"http://public2.vulnerablecode.io/api/packages/857779?format=json","purl":"pkg:pypi/langchain-community@0.3.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.11"},{"url":"http://public2.vulnerablecode.io/api/packages/857780?format=json","purl":"pkg:pypi/langchain-community@0.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/857781?format=json","purl":"pkg:pypi/langchain-community@0.3.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.13"},{"url":"http://public2.vulnerablecode.io/api/packages/857782?format=json","purl":"pkg:pypi/langchain-community@0.3.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.14"},{"url":"http://public2.vulnerablecode.io/api/packages/857783?format=json","purl":"pkg:pypi/langchain-community@0.3.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.15"},{"url":"http://public2.vulnerablecode.io/api/packages/857784?format=json","purl":"pkg:pypi/langchain-community@0.3.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.16"},{"url":"http://public2.vulnerablecode.io/api/packages/857785?format=json","purl":"pkg:pypi/langchain-community@0.3.17rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.17rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/857786?format=json","purl":"pkg:pypi/langchain-community@0.3.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.17"},{"url":"http://public2.vulnerablecode.io/api/packages/857787?format=json","purl":"pkg:pypi/langchain-community@0.3.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.18"},{"url":"http://public2.vulnerablecode.io/api/packages/857788?format=json","purl":"pkg:pypi/langchain-community@0.3.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.19"},{"url":"http://public2.vulnerablecode.io/api/packages/857789?format=json","purl":"pkg:pypi/langchain-community@0.3.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.20"},{"url":"http://public2.vulnerablecode.io/api/packages/857790?format=json","purl":"pkg:pypi/langchain-community@0.3.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.21"},{"url":"http://public2.vulnerablecode.io/api/packages/857791?format=json","purl":"pkg:pypi/langchain-community@0.3.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.22"},{"url":"http://public2.vulnerablecode.io/api/packages/857792?format=json","purl":"pkg:pypi/langchain-community@0.3.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.23"},{"url":"http://public2.vulnerablecode.io/api/packages/857793?format=json","purl":"pkg:pypi/langchain-community@0.3.24","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.24"},{"url":"http://public2.vulnerablecode.io/api/packages/857794?format=json","purl":"pkg:pypi/langchain-community@0.3.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.25"},{"url":"http://public2.vulnerablecode.io/api/packages/857795?format=json","purl":"pkg:pypi/langchain-community@0.3.26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wjve-gbrh-5khy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/langchain-community@0.3.26"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6984.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6984.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6984","reference_id":"","reference_type":"","scores":[{"value":"0.01922","scoring_system":"epss","scoring_elements":"0.83716","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01922","scoring_system":"epss","scoring_elements":"0.83713","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01922","scoring_system":"epss","scoring_elements":"0.83714","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01922","scoring_system":"epss","scoring_elements":"0.8371","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01922","scoring_system":"epss","scoring_elements":"0.83702","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6984"},{"reference_url":"https://github.com/langchain-ai/langchain/blob/d79b5813a0b3b243c612b77013768995e46c4337/libs/langchain/langchain/document_loaders/evernote.py#L1-L23","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/langchain-ai/langchain/blob/d79b5813a0b3b243c612b77013768995e46c4337/libs/langchain/langchain/document_loaders/evernote.py#L1-L23"},{"reference_url":"https://github.com/langchain-ai/langchain-community","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/langchain-ai/langchain-community"},{"reference_url":"https://github.com/langchain-ai/langchain-community/commit/e842452108089524e22c3a2ced851c021884556f","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/langchain-ai/langchain-community/commit/e842452108089524e22c3a2ced851c021884556f"},{"reference_url":"https://huntr.com/bounties/a6b521cf-258c-41c0-9edb-d8ef976abb2a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T20:07:23Z/"}],"url":"https://huntr.com/bounties/a6b521cf-258c-41c0-9edb-d8ef976abb2a"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393073","reference_id":"2393073","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2393073"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-6984","reference_id":"CVE-2025-6984","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-6984"},{"reference_url":"https://github.com/advisories/GHSA-pc6w-59fv-rh23","reference_id":"GHSA-pc6w-59fv-rh23","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-pc6w-59fv-rh23"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16514","reference_id":"RHSA-2025:16514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16514"}],"weaknesses":[{"cwe_id":200,"name":"Exposure of Sensitive Information to an Unauthorized Actor","description":"The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information."},{"cwe_id":611,"name":"Improper Restriction of XML External Entity Reference","description":"The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":"7.0 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wjve-gbrh-5khy"}