langchain-core

PyPI · 8 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting langchain-core
- CVE-2024-10940 | MEDIUM | CVSS 5.3 | EG 5.3 | ✓ Fixed in 0.3.15 | 2025-03-20
  vulnerable: 0.3.0 ... 0.3.9 (15 versions)
  A vulnerability in langchain-core versions >=0.1.17,<0.1.53, >=0.2.0,<0.2.43, and >=0.3.0,<0.3.15 allows unauthorized users to read arbitrary files from the host file system. The issue arises from the ability to create langchain_core.promp…
- CVE-2024-1455 | MEDIUM | CVSS 5.9 | EG 5.9 | ✓ Fixed in 0.1.35 | 2024-03-26
  vulnerable: 0.0.1 ... 0.1.9 (54 versions)
  A vulnerability in the langchain-ai/langchain repository allows for a Billion Laughs Attack, a type of XML External Entity (XXE) exploitation. By nesting multiple layers of entities within an XML document, an attacker can cause the XML par…
- CVE-2024-28088 | HIGH | CVSS 8.1 | EG 8.1 | ✓ Fixed in 0.1.11 | 2024-03-04
  vulnerable: 0.0.1 ... 0.1.9 (26 versions)
  LangChain through 0.1.10 allows ../ directory traversal by an actor who is able to control the final part of the path parameter in a load_chain call. This bypasses the intended behavior of loading configurations only from the hwchase17/lan…
- CVE-2025-65106 | HIGH | CVSS 8.3 | EG 0.0 | ✓ Fixed in 0.3.80 | 2025-11-21
  vulnerable: 0.0.1 ... 0.3.9 (211 versions)
  LangChain is a framework for building agents and LLM-powered applications. From versions 0.3.79 and prior and 1.0.0 to 1.0.6, a template injection vulnerability exists in LangChain's prompt template system that allows attackers to access P…
- CVE-2025-68664 | CRITICAL | CVSS 9.3 | EG 9.3 | ✓ Fixed in 1.2.5 | 2025-12-23
  vulnerable: 1.0.0 ... 1.2.4 (17 versions)
  LangChain is a framework for building agents and LLM-powered applications. Prior to versions 0.3.81 and 1.2.5, a serialization injection vulnerability exists in LangChain's dumps() and dumpd() functions. The functions do not escape diction…
- CVE-2026-26013 | LOW | CVSS 3.7 | EG 3.7 | ✓ Fixed in 1.2.11 | 2026-02-10
  vulnerable: 0.0.1 ... 1.2.9 (250 versions)
  LangChain is a framework for building agents and LLM-powered applications. Prior to 1.2.11, the ChatOpenAI.get_num_tokens_from_messages() method fetches arbitrary image_url values without validation when computing token counts for vision-e…
- CVE-2026-34070 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 1.2.22 | 2026-03-31
  vulnerable: 0.0.1 ... 1.2.9 (261 versions)
  LangChain is a framework for building agents and LLM-powered applications. Prior to version 1.2.22, multiple functions in langchain_core.prompts.loading read files from paths embedded in deserialized config dicts without validating against…
- CVE-2026-40087 | MEDIUM | CVSS 5.3 | EG 5.3 | ✓ Fixed in 1.2.28 | 2026-04-09
  vulnerable: 1.0.0 ... 1.2.9 (51 versions)
  LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string te…