Malicious code in langchain-core-mcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd42d83950d8d8fc559905eed104af38cd6c8aef683b96778f0b8d778dd6bd5a Package langchain-core-mcp impersonates the legitimate langchain-core publisher: METADATA sets Project-URL Repository to...

ROOT-APP-PYPI-CVE-2025-68664 CVE-2025-68664 in rootio-langchain-core - Patched by Root

Root has patched CVE-2025-68664 in the rootio-langchain-core package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2026-44843 CVE-2026-44843 in rootio-langchain-core - Patched by Root

Root has patched CVE-2026-44843 in the rootio-langchain-core package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2026-34070 CVE-2026-34070 in rootio-langchain-core - Patched by Root

Root has patched CVE-2026-34070 in the rootio-langchain-core package for Root:PyPI. Multiple fixed versions available...

GHSA-PJWX-R37V-7724 vulnerabilities

Vulnerabilities for packages: py3-langchain-core, py3-langchain...

CVE-2026-44843 vulnerabilities

Vulnerabilities for packages: py3-langchain-core, py3-langchain...

GHSA-PJWX-R37V-7724 vulnerabilities

Vulnerabilities for packages: py3-langchain, py3-langchain-core...

CVE-2026-44843 vulnerabilities

Vulnerabilities for packages: py3-langchain, py3-langchain-core...

LangChain Core 1.3.2 / 0.3.84 Tracer Deserialization / Credential Disclosure

LangChain Core has a tracer deserialization vulnerability that could allow unauthenticated remote credential exfiltration in affected deployments. Versions 1.3.2 and 0.3.84 are affected...

accessiqlue (=2025.12.21154255), agent-builder (>=0.0.2 <=0.1.7) +345 more potentially affected by CVE-2026-44843 via langchain-core (>=1.0.0a8 <=1.3.2)

langchain-core PYPI version =1.0.0a8, =0.0.2, =0.1.0, =0.1.0, =0.1.0, =0.1.1 - ai-benchmark-analyzer =2025.12.21193050 - ai-claim-essence =2025.12.20202921 - ai-design-insights =2025.12.21145447 - ai-mysql-translator =2025.12.21101721 - ai-reliability-analyzer =2025.12.21171415 - ai-risk-extracto...

Deserialization of Untrusted Data

Overview langchain-core is a Building applications with LLMs through composability Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the load process. An attacker can instantiate trusted classes with untrusted constructor arguments by submitting specially...

accessiqlue (=2025.12.21154255), agent-builder (>=0.0.2 <=0.1.7) +347 more potentially affected by CVE-2026-44843 via langchain-core (>=1.0.0 <=1.3.2)

langchain-core PYPI version =1.0.0, =0.0.2, =0.1.0, =0.1.0, =0.1.0, =0.1.1 - ai-benchmark-analyzer =2025.12.21193050 - ai-claim-essence =2025.12.20202921 - ai-design-insights =2025.12.21145447 - ai-mysql-translator =2025.12.21101721 - ai-reliability-analyzer =2025.12.21171415 - ai-risk-extractor...

a-data-processing (=0.0.1), a-mailx (=0.1.0) +1228 more potentially affected by CVE-2026-44843 via langchain-core (>=0.0.1 <=0.3.83)

langchain-core PYPI version =0.0.1, =0.1.0, =0.1.3, =0.1.0b0, =4.8.2, =0.1.3, =0.1.0, =3.2.0, =2.1.7, =0.0.2, =0.0.5 and more Source cves: CVE-2026-44843 Source advisory: OSV:GHSA-PJWX-R37V-7724...

a-data-processing (=0.0.1), a-mailx (=0.1.0) +1228 more potentially affected by CVE-2026-44843 via langchain-core (>=0.0.1 <=0.3.83)

langchain-core PYPI version =0.0.1, =0.1.0, =0.1.3, =0.1.0b0, =4.8.2, =0.1.3, =0.1.0, =3.2.0, =2.1.7, =0.0.2, =0.0.5 and more Source cves: CVE-2026-44843 Source advisory: SNYK:PYTHON-LANGCHAINCORE-16624521...

📄 LangChain Core Insecure Deserialization

LangChain Core versions prior to 1.2.5 and 0.3.81 suffer from a deserialization vulnerability that allows for server-side template injection that can lead to remote code execution. Exploit Title: LangChain Core - SSTI/RCE Date: 2025-12-29 Exploit Author: Mohammed Idrees Banyamer Author Country:...

LangChain Core 1.2.4 - SSTI/RCE

Exploit Title: LangChain Core - SSTI/RCE Date: 2025-12-29 Exploit Author: Mohammed Idrees Banyamer Author Country: Jordan Contact: @banyamersecurity Instagram GitHub: https://github.com/mbanyamer Vendor Homepage: https://www.langchain.com/ Software Link: https://pypi.org/project/langchain-core/...

accessiqlue (=2025.12.21154255), agent-builder (>=0.0.2 <=0.1.7) +320 more potentially affected by CVE-2026-40087 via langchain-core (>=1.0.0a8 <=1.2.24)

langchain-core PYPI version =1.0.0a8, =0.0.2, =0.1.0, =0.1.0, =0.1.1 - ai-benchmark-analyzer =2025.12.21193050 - ai-claim-essence =2025.12.20202921 - ai-design-insights =2025.12.21145447 - ai-mysql-translator =2025.12.21101721 - ai-reliability-analyzer =2025.12.21171415 - ai-risk-extractor...

a-data-processing (=0.0.1), a-mailx (=0.1.0) +1228 more potentially affected by CVE-2026-40087 via langchain-core (>=0.0.1 <=0.3.83)

langchain-core PYPI version =0.0.1, =0.1.0, =0.1.3, =0.1.0b0, =4.8.2, =0.1.3, =0.1.0, =3.2.0, =2.1.7, =0.0.2, =0.0.5 and more Source cves: CVE-2026-40087 Source advisory: SNYK:PYTHON-LANGCHAINCORE-15953340...

a-data-processing (=0.0.1), a-mailx (=0.1.0) +1228 more potentially affected by CVE-2026-40087 via langchain-core (>=0.0.1 <=0.3.83)

langchain-core PYPI version =0.0.1, =0.1.0, =0.1.3, =0.1.0b0, =4.8.2, =0.1.3, =0.1.0, =3.2.0, =2.1.7, =0.0.2, =0.0.5 and more Source cves: CVE-2026-40087 Source advisory: OSV:GHSA-926X-3R5X-GFHW...

accessiqlue (=2025.12.21154255), agent-builder (>=0.0.2 <=0.1.7) +334 more potentially affected by CVE-2026-40087 via langchain-core (>=0.4.0.dev0 <=1.2.24)

langchain-core PYPI version =0.4.0.dev0, =0.0.2, =0.1.0, =0.1.0, =0.1.1 - ai-benchmark-analyzer =2025.12.21193050 - ai-claim-essence =2025.12.20202921 - ai-design-insights =2025.12.21145447 - ai-mysql-translator =2025.12.21101721 - ai-reliability-analyzer =2025.12.21171415 - ai-risk-extractor...