LangChain Vulnerabilities

pip LLM Frameworks

AI Threat Alert tracks 56 known vulnerabilities in LangChain, 23 rated critical — an AI/ML llm frameworks in the pip ecosystem. Each CVE includes CVSS severity, EPSS exploit probability, patch status, and CISO-grade analysis.

Data sources
77
Risk Score
56
Total CVEs
23
Critical
pip
Ecosystem
Jun 22, 2026
Last CVE
24%
Patch Rate
156d
Avg Time to Patch
140,350 stars 23,297 forks 413 issues 2,739 dependents Last push Jun 26, 2026
View on GitHub
OpenSSF Scorecard 5.8/10

Known Vulnerabilities (56 total, page 2 of 3)

Severity CVE ID Summary CVSS Published
MEDIUM CVE-2025-6854 Langchain-Chatchat: path traversal in file API exposes host FS 4.3 Jun 29, 2025 CRITICAL CVE-2025-6853 Langchain-Chatchat: path traversal in KB upload 9.8 Jun 29, 2025 CRITICAL CVE-2025-2828 LangChain RequestsToolkit: SSRF exposes cloud metadata 10.0 Jun 23, 2025 CRITICAL CVE-2024-8309 LangChain GraphCypher: prompt injection enables DB wipe 9.8 Oct 29, 2024 CRITICAL CVE-2024-7774 LangChain.js: path traversal, arbitrary file read/write 9.1 Oct 29, 2024 CRITICAL CVE-2024-7042 LangChainJS: prompt injection enables full graph DB takeover 9.8 Oct 29, 2024 CRITICAL CVE-2024-46946 LangChain-Experimental: RCE via eval in math chain 9.8 Sep 19, 2024 HIGH CVE-2024-5998 LangChain: RCE via FAISS pickle deserialization 7.8 Sep 17, 2024 HIGH CVE-2024-21513 langchain-experimental: RCE via eval() in VectorSQL chain 8.5 Jul 15, 2024 HIGH CVE-2024-38459 LangChain: Python REPL code execution without opt-in 7.8 Jun 16, 2024 HIGH CVE-2024-3095 LangChain: SSRF in Web Retriever exposes cloud metadata 7.7 Jun 6, 2024 HIGH CVE-2024-3571 LangChain: path traversal allows arbitrary file R/W 8.8 Apr 16, 2024 MEDIUM CVE-2024-1455 LangChain: Billion Laughs XML expansion causes DoS 5.9 Mar 26, 2024 HIGH CVE-2024-28088 LangChain: path traversal enables RCE and API key theft 8.1 Mar 4, 2024 CRITICAL CVE-2024-2057 LangChain TFIDFRetriever: SSRF/RCE via load_local 9.8 Mar 1, 2024 CRITICAL CVE-2024-27444 LangChain Experimental: RCE via Python sandbox escape 9.8 Feb 26, 2024 HIGH CVE-2023-32786 LangChain: prompt injection triggers SSRF via URL fetch 7.5 Oct 20, 2023 HIGH CVE-2023-46229 LangChain: SSRF in URL loader exposes internal network 8.8 Oct 19, 2023 CRITICAL CVE-2023-44467 LangChain: RCE bypass via __import__ in PAL chain 9.8 Oct 9, 2023 CRITICAL CVE-2023-39631 LangChain: RCE via numexpr evaluate injection 9.8 Sep 1, 2023 CRITICAL CVE-2023-36281 LangChain: RCE via malicious JSON prompt template 9.8 Aug 22, 2023 CRITICAL CVE-2023-39659 LangChain: RCE via unsanitized PythonAstREPL input 9.8 Aug 15, 2023 CRITICAL CVE-2023-38896 LangChain: RCE via unsandboxed LLM code execution 9.8 Aug 15, 2023 CRITICAL CVE-2023-38860 LangChain: RCE via unsanitized prompt parameter 9.8 Aug 15, 2023 CRITICAL CVE-2023-36095 LangChain PALChain: RCE via unsanitized exec() calls 9.8 Aug 5, 2023

Showing 26–50 of 56

Frequently asked questions

What is LangChain?

LangChain is an AI/ML llm frameworks tracked by AI Threat Alert for security vulnerabilities in the pip ecosystem.

How many known vulnerabilities does LangChain have?

LangChain has 56 known CVEs, 23 of them critical, tracked from NVD and GitHub Advisory.

Which ecosystem is LangChain distributed in?

LangChain is distributed via the pip ecosystem and categorized as llm frameworks.

Where does the LangChain vulnerability data come from?

Vulnerability data is sourced from NVD and GitHub Advisory, enriched with CVSS, EPSS, exploit signals, and patch status for each CVE.

How do I assess the risk of LangChain?

Review each CVE below — every entry shows CVSS severity, EPSS exploit probability, exploitation signals, and whether a patched version is available.

Monitor LangChain in your stack

Get instant alerts when new vulnerabilities affect LangChain. CISO analysis, ATLAS technique mappings, and compliance reports included.

Start Monitoring