Langchain Langchain Core — known CVE vulnerabilities
Every CVE whose affected-product data names Langchain Langchain Core, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2025-68664 — CVSS 9.3 (critical): LangChain is a framework for building agents and LLM-powered applications. Prior to versions 0.3.81 and 1.2.5, a serialization injection…
CVE-2026-34070 — CVSS 7.5 (high): LangChain is a framework for building agents and LLM-powered applications. Prior to version 1.2.22, multiple functions in…
CVE-2026-40087 — CVSS 5.3 (medium): LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-string prompt-template…
CVE-2026-26013 — CVSS 3.7 (low): LangChain is a framework for building agents and LLM-powered applications. Prior to 1.2.11, the ChatOpenAI.get_num_tokens_from_messages()…