CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2 matches found

OSV•added 2025/12/23 10:47 p.m.•2 views

CVE-2025-68664 LangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs

LangChain is a framework for building agents and LLM-powered applications. Prior to versions 0.3.81 and 1.2.5, a serialization injection vulnerability exists in LangChain's dumps and dumpd functions. The functions do not escape dictionaries with 'lc' keys when serializing free-form dictionaries...

9.3CVSS7.2AI score0.02624EPSS

Exploits4References9