← Back to home
wid-sec-w-2026-0896  ·  Published 2026-03-26  ·  View on BSI CERT-Bund ↗

LangChain: Vulnerability allows Offenlegung from Informationen

CVSS 7.5 HIGH

Risk Summary

LangChain is a framework for building agents and LLM-powered applications. Prior to version 1.2.22, multiple functions in langchain_core.prompts.loading read files from paths embedded in deserialized config dicts without validating against directory traversal or absolute path injection. When an application passes user-influenced prompt configurations to load_prompt() or load_prompt_from_config(), an attacker can read arbitrary files on the host filesystem, constrained only by file-extension checks (.txt for templates, .json/.yaml for examples). This issue has been patched in version 1.2.22.

CVEs (1)

Affected Vendors

Open Source

Affected Products (2)

Open Source · LangChain <1.2.22
Open Source · LangChain 1.2.22

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more