CVE-2026-40087

EPSS 0.26%
Veröffentlicht 09.04.2026 20:16:27
Zuletzt bearbeitet 16.04.2026 20:48:43
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

LangChain has incomplete f-string validation in prompt templates

LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string templates and formatted them without enforcing the same attribute-access validation as PromptTemplate. In particular, DictPromptTemplate and ImagePromptTemplate could accept templates containing attribute access or indexing expressions and subsequently evaluate those expressions during formatting. Second, f-string validation based on parsed top-level field names did not reject nested replacement fields inside format specifiers. In this pattern, the nested replacement field appears in the format specifier rather than in the top-level field name. As a result, earlier validation based on parsed field names did not reject the template even though Python formatting would still attempt to resolve the nested expression at runtime. This vulnerability is fixed in 0.3.84 and 1.2.28.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 10

NVD 2 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Langchain ≫ Langchain Core SwPlatformpython Version < 0.3.84

Langchain ≫ Langchain Core SwPlatformpython Version >= 1.0.0 < 1.2.28

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.26%	0.173

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security-advisories@github.com	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-1336 Improper Neutralization of Special Elements Used in a Template Engine

The product uses a template engine to insert or process externally-influenced input, but it does not neutralize or incorrectly neutralizes special elements or syntax that can be interpreted as template expressions or other code directives when processed by the engine.

https://github.com/langchain-ai/langchain/commit/6bab0ba3c12328008ddca3e0d54ff5a6151cd27b

Patch

https://github.com/langchain-ai/langchain/commit/af2ed47c6f008cdd551f3c0d87db3774c8dfe258

Patch

https://github.com/langchain-ai/langchain/pull/36612

Patch

Issue Tracking

https://github.com/langchain-ai/langchain/pull/36613

Patch

Issue Tracking

https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D0.3.84

Product

Release Notes

https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D1.2.28

Product

Release Notes

https://github.com/langchain-ai/langchain/security/advisories/GHSA-926x-3r5x-gfhw

Vendor Advisory

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2026-40087

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-40087

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-40087

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-40087