Lucene search
K

6 matches found

Circl
Circl
added 2025/06/24 1:4 a.m.14 views

CVE-2025-2828

creationtimestamp| type| source ---|---|--- 2025-06-24 01:04:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lscvoh4hru2a 2025-06-24 13:50:39+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19331...

10CVSS7.8AI score0.14059EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/06/23 10:9 p.m.6 views

CVE-2025-2828

A Server-Side Request Forgery SSRF flaw was found in the langchain-community package due to a lack of restriction enforcement on specific internet addresses. This flaw allows an attacker to access local services, conduct port scans, retrieve instance metadata, or interact with local network...

10CVSS8.1AI score0.14059EPSS
Exploits1References5
vulnersOsv
vulnersOsv
added 2025/06/23 9:31 p.m.3 views

a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +145 more potentially affected by CVE-2025-2828 via langchain-community (>=0.0.1 <=0.0.27)

langchain-community PYPI version =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =0.0.1, =0.2.0, =0.1.0, =0.1.5, =0.0.13, =0.0.14 - bisheng-langchain =0.2.3.1 and more Source cves: CVE-2025-2828 Source advisory: OSV:GHSA-H5GC-RM8J-5GPR...

10CVSS7.2AI score0.14059EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/06/23 9:15 p.m.7 views

a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +145 more potentially affected by CVE-2025-2828 via langchain-community (>=0.0.1 <=0.0.27)

langchain-community PYPI version =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =0.0.1, =0.2.0, =0.1.0, =0.1.5, =0.0.13, =0.0.14 - bisheng-langchain =0.2.3.1 and more Source cves: CVE-2025-2828 Source advisory: OSV:PYSEC-2025-70...

10CVSS7.2AI score0.14059EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2025/06/23 8:42 p.m.4 views

CVE-2025-2828 SSRF Vulnerability in RequestsToolkit in langchain-ai/langchain

A Server-Side Request Forgery SSRF vulnerability exists in the RequestsToolkit component of the langchain-community package specifically, langchaincommunity.agenttoolkits.openapi.toolkit.RequestsToolkit in langchain-ai/langchain version 0.0.27. This vulnerability occurs because the toolkit does n...

8.4CVSS7AI score0.14059EPSS
Exploits1References2
CVE
CVE
added 2025/06/23 8:42 p.m.92 views

CVE-2025-2828

CVE-2025-2828 describes an SSRF flaw in the RequestsToolkit of langchain-ai/langchain (langchain_community.agent_toolkits.openapi.toolkit.RequestsToolkit) affecting version 0.0.27. The vulnerability arises from insufficiently restricted requests to remote internet addresses, enabling an attacker ...

10CVSS8.3AI score0.14059EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder