Langchain-ai Langchain
6 CVEs affecting Langchain-ai Langchain. Latest disclosed: 2026-05-26. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-68664 | Critical | 9.3 | 2025-12-23 | LangChain is a framework for building agents and LLM-powered applications. Prior to versions 0.3.81 and 1.2.5, a serialization injection vulnerability exists i… |
CVE-2026-44843 | High | 8.2 | 2026-05-26 | LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.85 and 1.3.3, LangChain contains older runtime code paths that deserial… |
CVE-2026-34070 | High | 7.5 | 2026-03-31 | LangChain is a framework for building agents and LLM-powered applications. Prior to version 1.2.22, multiple functions in langchain_core.prompts.loading read f… |
CVE-2026-40087 | Medium | 5.3 | 2026-04-09 | LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-string prompt-template validation was inco… |
CVE-2026-26013 | Low | 3.7 | 2026-02-10 | LangChain is a framework for building agents and LLM-powered applications. Prior to 1.2.11, the ChatOpenAI.get_num_tokens_from_messages() method fetches arbitr… |
CVE-2025-65106 | | 2025-11-21 | LangChain is a framework for building agents and LLM-powered applications. From versions 0.3.79 and prior and 1.0.0 to 1.0.6, a template injection vulnerabilit… |