MEDIUM🇵🇱 Wersja polska

CVE-2026-40087

CVSS 5.3v3.1pub. 2026-04-09upd. 2026-04-16

LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string templates and formatted them without enforcing the same attribute-access validation as PromptTemplate. In particular, DictPromptTemplate and ImagePromptTemplate could accept templates containing attribute access or indexing expressions and subsequently evaluate those expressions during formatting. Second, f-string validation based on parsed top-level field names did not reject nested replacement fields inside format specifiers. In this pattern, the nested replacement field appears in the format specifier rather than in the top-level field name. As a result, earlier validation based on parsed field names did not reject the template even though Python formatting would still attempt to resolve the nested expression at runtime. This vulnerability is fixed in 0.3.84 and 1.2.28.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  • Langchain Core

    APP
    Langchain
    < 0.3.841.0.0 – 1.2.28 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-68664CRITICAL9.3PL ✓ten sam produkt

Podatność deserialization injection w funkcjach dumps/dumpd LangChain Core

CVE-2026-34070HIGH7.5ten sam produkt

LangChain is a framework for building agents and LLM-powered applications. Prior to version 1.2.22, multiple f...

CVE-2026-26013LOW3.7ten sam produkt

LangChain to framework do budowania agentów i aplikacji napędzanych LLM-ami. Przed wersją 1.2.11 metoda ChatOp...

CVE-2025-2828CRITICAL10.0PL ✓ten sam vendor

SSRF w LangChain RequestsToolkit — dostęp do sieci wewnętrznej i metadanych chmury

CVE-2024-7042CRITICAL9.8PL ✓ten sam vendor

SQL injection przez prompt injection w LangChain GraphCypherQAChain