LangChain Vulnerabilities

pip LLM Frameworks

AI Threat Alert tracks 56 known vulnerabilities in LangChain, 23 rated critical — an AI/ML llm frameworks in the pip ecosystem. Each CVE includes CVSS severity, EPSS exploit probability, patch status, and CISO-grade analysis.

Data sources
77
Risk Score
56
Total CVEs
23
Critical
pip
Ecosystem
Jun 22, 2026
Last CVE
24%
Patch Rate
156d
Avg Time to Patch
140,350 stars 23,297 forks 413 issues 2,739 dependents Last push Jun 26, 2026
View on GitHub
OpenSSF Scorecard 5.8/10

Known Vulnerabilities (56 total, page 1 of 3)

Severity CVE ID Summary CVSS Published
MEDIUM CVE-2026-55443 LangChain: path traversal exposes files outside agent root 5.5 Jun 22, 2026 HIGH CVE-2026-55405 langchain4j: SQL injection in vector store filters 7.6 Jun 17, 2026 MEDIUM CVE-2026-48776 LangGraph SDK: path traversal bypasses proxy-layer authz 4.2 Jun 16, 2026 MEDIUM GHSA-gr75-jv2w-4656 LangChain: path traversal exposes files outside sandbox 5.1 Jun 16, 2026 HIGH CVE-2026-45134 LangSmith: prompt deserialization enables SSRF + data leak 7.1 May 13, 2026 HIGH CVE-2026-44843 LangChain: deserialization poisons LLM chat history 8.2 May 8, 2026 LOW CVE-2026-7847 Langchain-Chatchat: predictable file IDs leak uploaded files 2.6 May 5, 2026 LOW CVE-2026-7846 Langchain-Chatchat: TOCTOU race allows silent file overwrite 2.6 May 5, 2026 LOW CVE-2026-7845 Langchain-Chatchat: weak image hash allows integrity bypass 2.6 May 5, 2026 LOW CVE-2026-41488 langchain-openai: SSRF via DNS rebinding in image token counter 3.1 Apr 24, 2026 MEDIUM CVE-2026-41481 LangChain: SSRF redirect bypass exposes internal endpoints 6.5 Apr 24, 2026 MEDIUM GHSA-fv5p-p927-qmxr langchain-text-splitters: SSRF bypass exposes cloud metadata 6.5 Apr 16, 2026 MEDIUM CVE-2026-40190 langsmith: prototype pollution enables auth bypass, RCE 5.6 Apr 10, 2026 MEDIUM CVE-2026-40087 LangChain: template injection leaks object attributes 5.3 Apr 9, 2026 MEDIUM CVE-2024-2965 langchain-community: DoS via recursive sitemap loop 4.2 Jun 6, 2024 CRITICAL CVE-2023-32785 LangChain: prompt injection → SQL RCE (CVSS 9.8) 9.8 Oct 21, 2023 HIGH CVE-2026-25750 langsmith: security flaw enables exploitation 8.1 Mar 4, 2026 MEDIUM CVE-2026-26019 langchain_community: SSRF allows internal network access 4.1 Feb 11, 2026 LOW CVE-2026-26013 langchain-core: SSRF allows internal network access 3.7 Feb 10, 2026 HIGH CVE-2024-58340 langchain: security flaw enables exploitation 7.5 Jan 12, 2026 CRITICAL CVE-2025-68665 langchain.js: Deserialization enables RCE 9.1 Dec 23, 2025 HIGH CVE-2025-68664 langchain-core: Deserialization enables RCE 8.2 Dec 23, 2025 HIGH CVE-2025-6985 langchain-text-splitters: XXE enables arbitrary file read 7.5 Oct 6, 2025 CRITICAL CVE-2025-45150 ChatGLM-Webui: arbitrary file read, no auth required 9.8 Aug 1, 2025 HIGH CVE-2025-6855 Langchain-Chatchat: path traversal exposes system files 8.8 Jun 29, 2025

Showing 1–25 of 56

Frequently asked questions

What is LangChain?

LangChain is an AI/ML llm frameworks tracked by AI Threat Alert for security vulnerabilities in the pip ecosystem.

How many known vulnerabilities does LangChain have?

LangChain has 56 known CVEs, 23 of them critical, tracked from NVD and GitHub Advisory.

Which ecosystem is LangChain distributed in?

LangChain is distributed via the pip ecosystem and categorized as llm frameworks.

Where does the LangChain vulnerability data come from?

Vulnerability data is sourced from NVD and GitHub Advisory, enriched with CVSS, EPSS, exploit signals, and patch status for each CVE.

How do I assess the risk of LangChain?

Review each CVE below — every entry shows CVSS severity, EPSS exploit probability, exploitation signals, and whether a patched version is available.

Monitor LangChain in your stack

Get instant alerts when new vulnerabilities affect LangChain. CISO analysis, ATLAS technique mappings, and compliance reports included.

Start Monitoring