21 matches found
CVE-2026-41488
A flaw was found in langchain-openai. A remote attacker could exploit a Time-of-Check to Time-of-Use TOCTOU vulnerability, also known as a DNS rebinding vulnerability. This occurs because the urltosize helper, used for image token counting, validates URLs for Server-Side Request Forgery SSRF...
CVE-2026-41488
LangChain is a framework for building agents and LLM-powered applications. Prior to 1.1.14, langchain-openai's urltosize helper used by getnumtokensfrommessages for image token counting validated URLs for SSRF protection and then fetched them in a separate network operation with independent DNS...
PYSEC-2026-76
LangChain is a framework for building agents and LLM-powered applications. Prior to 1.1.14, langchain-openai's urltosize helper used by getnumtokensfrommessages for image token counting validated URLs for SSRF protection and then fetched them in a separate network operation with independent DNS...
PYSEC-2026-76
LangChain is a framework for building agents and LLM-powered applications. Prior to 1.1.14, langchain-openai's urltosize helper used by getnumtokensfrommessages for image token counting validated URLs for SSRF protection and then fetched them in a separate network operation with independent DNS...
CVE-2026-41488 angchain-openai: Image token counting SSRF protection can be bypassed via DNS rebinding
LangChain is a framework for building agents and LLM-powered applications. Prior to 1.1.14, langchain-openai's urltosize helper used by getnumtokensfrommessages for image token counting validated URLs for SSRF protection and then fetched them in a separate network operation with independent DNS...
EUVD-2026-25635
LangChain is a framework for building agents and LLM-powered applications. Prior to 1.1.14, langchain-openai's urltosize helper used by getnumtokensfrommessages for image token counting validated URLs for SSRF protection and then fetched them in a separate network operation with independent DNS...
CVE-2026-41488 angchain-openai: Image token counting SSRF protection can be bypassed via DNS rebinding
LangChain is a framework for building agents and LLM-powered applications. Prior to 1.1.14, langchain-openai's urltosize helper used by getnumtokensfrommessages for image token counting validated URLs for SSRF protection and then fetched them in a separate network operation with independent DNS...
CVE-2026-41488
CVE-2026-41488 affects the langchain-openai component prior to version 1.1.14. The issue stems from the _url_to_size() helper (used by get_num_tokens_from_messages for image token counting): it validates URLs to provide SSRF protection, then fetches them in a separate network operation with an in...
PT-2026-35087
Name of the Vulnerable Software and Affected Versions langchain-openai versions prior to 1.1.14 Description The url to size helper function, utilized by get num tokens from messages for image token counting, contains a Time-of-Check to Time-of-Use TOCTOU flaw. The function validates URLs for...
GHSA-R7W7-9XR2-QQ2R langchain-openai: Image token counting SSRF protection can be bypassed via DNS rebinding
Summary langchain-openai's urltosize helper used by getnumtokensfrommessages for image token counting validated URLs for SSRF protection and then fetched them in a separate network operation with independent DNS resolution. This left a TOCTOU / DNS rebinding window: an attacker-controlled hostnam...
langchain-openai: Image token counting SSRF protection can be bypassed via DNS rebinding
Summary langchain-openai's urltosize helper used by getnumtokensfrommessages for image token counting validated URLs for SSRF protection and then fetched them in a separate network operation with independent DNS resolution. This left a TOCTOU / DNS rebinding window: an attacker-controlled hostnam...
GHSA-2G6R-C272-W58R LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages
Server-Side Request Forgery SSRF in ChatOpenAI Image Token Counting Summary The ChatOpenAI.getnumtokensfrommessages method fetches arbitrary imageurl values without validation when computing token counts for vision-enabled models. This allows attackers to trigger Server-Side Request Forgery SSRF...
LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages
Server-Side Request Forgery SSRF in ChatOpenAI Image Token Counting Summary The ChatOpenAI.getnumtokensfrommessages method fetches arbitrary imageurl values without validation when computing token counts for vision-enabled models. This allows attackers to trigger Server-Side Request Forgery SSRF...
Server-side Request Forgery (SSRF)
Overview langchain-openai is an An integration package connecting OpenAI and LangChain Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the ChatOpenAI.getnumtokensfrommessages function. An attacker can cause the server to make internal network requests,...
CVE-2026-26013
LangChain is a framework for building agents and LLM-powered applications. Prior to 1.2.11, the ChatOpenAI.getnumtokensfrommessages method fetches arbitrary imageurl values without validation when computing token counts for vision-enabled models. This allows attackers to trigger Server-Side Reque...
CVE-2026-26013 LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages
LangChain is a framework for building agents and LLM-powered applications. Prior to 1.2.11, the ChatOpenAI.getnumtokensfrommessages method fetches arbitrary imageurl values without validation when computing token counts for vision-enabled models. This allows attackers to trigger Server-Side Reque...
CVE-2026-26013
LangChain is a framework for building agents and LLM-powered applications. Prior to 1.2.11, the ChatOpenAI.getnumtokensfrommessages method fetches arbitrary imageurl values without validation when computing token counts for vision-enabled models. This allows attackers to trigger Server-Side Reque...
CVE-2026-26013 LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages
LangChain is a framework for building agents and LLM-powered applications. Prior to 1.2.11, the ChatOpenAI.getnumtokensfrommessages method fetches arbitrary imageurl values without validation when computing token counts for vision-enabled models. This allows attackers to trigger Server-Side Reque...
CVE-2026-26013
The CVE affects LangChain’s ChatOpenAI component, where get_num_tokens_from_messages() can fetch arbitrary image_url values without validation when counting tokens for vision-enabled models, enabling SSRF by user-provided URLs. Root cause: insufficient validation of image_url during token countin...
CVE-2026-26013 LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages
LangChain is a framework for building agents and LLM-powered applications. Prior to 1.2.11, the ChatOpenAI.getnumtokensfrommessages method fetches arbitrary imageurl values without validation when computing token counts for vision-enabled models. This allows attackers to trigger Server-Side Reque...