PT-2025-35896
Name of the Vulnerable Software and Affected Versions langchain-ai/langchain version 0.3.63 Description The EverNoteLoader component is susceptible to XML External Entity XXE attacks due to insecure XML parsing. This issue stems from the use of etree.iterparse without disabling external entity...