Vulners
Lucene search
LangChain Text Splitters is vulnerable to XML External Entity (XXE) attacks due to unsafe XSLT parsing
| Reporter | Title | Published | Views | Family All 22 |
|---|---|---|---|---|
 | Security Bulletin: The IBM Maximo Application Suite AI-Service component uses multiple third-party dependencies that contain vulnerabilities associated with multiple CVEs. | 2 Feb 202604:22 | – | ibm |
| Security Bulletin: IBM watsonx.data integration has several vulnerabilities due to open source packages (CVE-2018-20225, CVE-2025-6985, CVE-2025-54368) | 20 Mar 202616:39 | – | ibm |
 | LangChain HTMLSectionSplitter – XXE caused by unsafe XSLT parsing | 1 Jul 202517:58 | – | huntr |
 | CVE-2025-6985 vulnerabilities | 9 Oct 202514:01 | – | cgr |
 | CVE-2025-6985 | 14 Oct 202504:36 | – | circl |
 | langchain-text-splitters 代码问题漏洞 | 6 Oct 202500:00 | – | cnnvd |
 | CVE-2025-6985 | 6 Oct 202517:58 | – | cve |
 | CVE-2025-6985 XXE Vulnerability in langchain-ai/langchain | 6 Oct 202517:58 | – | cvelist |
 | EUVD-2025-32577 | 6 Oct 202517:58 | – | euvd |
 | CVE-2025-6985 | 6 Oct 202518:15 | – | nvd |
10
Node
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
08 Oct 2025 14:07Current
6.9Medium risk
Vulners AI Score6.9
CVSS 37.5
EPSS0.00146
SSVC