9.1

CVE-2025-68665

LangChain serialization injection vulnerability enables secret extraction

LangChain is a framework for building LLM-powered applications. Prior to @langchain/core versions 0.3.80 and 1.1.8, and prior to langchain versions 0.3.37 and 1.2.3, a serialization injection vulnerability exists in LangChain JS's toJSON() method (and subsequently when string-ifying objects using JSON.stringify(). The method did not escape objects with 'lc' keys when serializing free-form data in kwargs. The 'lc' key is used internally by LangChain to mark serialized objects. When user-controlled data contains this key structure, it is treated as a legitimate LangChain object during deserialization rather than plain user data. This issue has been patched in @langchain/core versions 0.3.80 and 1.1.8, and langchain versions 0.3.37 and 1.2.3
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LangchainLangchain.Js Version < 0.3.37
LangchainLangchain.Js Version >= 1.0.0 < 1.2.3
LangchainLangchain/core SwPlatformnode.js Version < 0.3.80
LangchainLangchain/core SwPlatformnode.js Version >= 1.0.0 < 1.1.8
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.75% 0.5
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.1 3.9 5.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
security-advisories@github.com 8.6 3.9 4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
CWE-502 Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

https://github.com/langchain-ai/langchainjs/security/advisories/GHSA-r399-636x-v7f6
Vendor Advisory
https://github.com/langchain-ai/langchainjs/commit/e5063f9c6e9989ea067dfdff39262b9e7b6aba62
Patch
https://github.com/langchain-ai/langchainjs/releases/tag/%40langchain%2Fcore%401.1.8
Release Notes
https://github.com/langchain-ai/langchainjs/releases/tag/langchain%401.2.3
Release Notes