CVE-2025-65106
A template-injection vulnerability in LangChain's prompt template system allowed untrusted template strings to access Python object internals through attribute traversal and indexing. By crafting malicious template expressions, an attacker could read sensitive properties e.g., class, globals from...