AI Component: Framework
AI/ML frameworks (LangChain, PyTorch, TensorFlow, etc.) are the foundational libraries for building AI applications. Vulnerabilities here have a wide blast radius due to high adoption.
Total CVEs: 1220
Pages: 61 (page 28 of 61)

| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2024-12704 | llama-index: DoS via infinite loop in LangChain LLM | llamaindex | 7.5 |
| CRITICAL | CVE-2025-2828 | LangChain RequestsToolkit: SSRF exposes cloud metadata | langchain | 10.0 |
| CRITICAL | CVE-2025-6853 | Langchain-Chatchat: path traversal in KB upload | langchain-chatchat | 9.8 |
| MEDIUM | CVE-2025-6854 | Langchain-Chatchat: path traversal in file API exposes host FS | langchain-chatchat | 4.3 |
| HIGH | CVE-2025-6855 | Langchain-Chatchat: path traversal exposes system files | langchain-chatchat | 8.8 |
| CRITICAL | CVE-2025-46059 | LangChain GmailToolkit: indirect prompt injection to RCE | | 9.8 |
| CRITICAL | CVE-2025-45150 | ChatGLM-Webui: arbitrary file read, no auth required | langchain-chatglm-webui | 9.8 |
| HIGH | CVE-2025-6984 | EverNoteLoader: XXE exposes host files in LangChain | langchain-community | 7.5 |
| CRITICAL | CVE-2025-9556 | langchaingo: Jinja2 SSTI allows host filesystem read | | 9.8 |
| MEDIUM | CVE-2025-58177 | n8n: stored XSS in LangChain chat trigger (public) | n8n | 5.4 |
| HIGH | CVE-2025-6985 | langchain-text-splitters: XXE enables arbitrary file read | langchain-text-splitters | 7.5 |
| HIGH | CVE-2025-8709 | langgraph-checkpoint-sqlite: SQL Injection exposes database | langgraph-checkpoint-sqlite | 7.3 |
| HIGH | CVE-2025-65106 | langchain-core: security flaw enables exploitation | langchain-core | - |
| HIGH | CVE-2025-68664 | langchain-core: Deserialization enables RCE | langchain_core | 8.2 |
| CRITICAL | CVE-2025-68665 | langchain.js: Deserialization enables RCE | langchain.js | 9.1 |
| HIGH | CVE-2024-58340 | langchain: security flaw enables exploitation | langchain | 7.5 |
| LOW | CVE-2026-26013 | langchain-core: SSRF allows internal network access | langchain_core | 3.7 |
| MEDIUM | CVE-2026-26019 | langchain_community: SSRF allows internal network access | langchain_community | 4.1 |
| HIGH | CVE-2024-34527 | SolidUI: OpenAI API key exposed via log print statement | | 7.5 |
| HIGH | CVE-2024-6587 | LiteLLM: SSRF leaks OpenAI API key to attacker | litellm | 7.5 |