langchain-ai
Security Risk Profile
Security Risk Score: 48/100 (medium)
Comprehensive risk assessment based on 4 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from March 20, 2025 to present
Total CVEs: 4
Critical+High: 3
Exploited: 0
Unpatched: 1
Threat Assessment
Avg CVSS: 7.5 (Base severity)
Avg EPSS: 0% (Exploit probability)
Unpatched: 1 (Critical/High)
Risk Level: 48/100 (medium)
Severity Distribution
Critical: 1
High: 2
Medium: 1
Low: 0
Exploit Likelihood
>50% chance: 0
20-50%: 0
5-20%: 0
<5%: 0
Age Distribution
Common Weaknesses (CWE)
1. Infoleak: 1
2. XEE: 1
3. SSRF: 1
Most Affected Products
1. langchain-ai langchain: 3
2. pip/langchain-core: 3
3. pip/langchain-community: 2
4. IBM Concert Software: 1
5. Langchain Langchain: 1
Recent Vulnerabilities
REDHAT-BUG-2393073
CVSS 7.0 (high)
9/4/2025, No Patch

CVE-2025-6984
CVSS 7.5 (high)
Sensitive Information Disclosure Due to Insecure XML Parsing in langchain-ai/langchain
9/4/2025

CVE-2025-2828
CVSS 10.0 (critical)
SSRF Vulnerability in RequestsToolkit in langchain-ai/langchain
6/23/2025

CVE-2024-10940
CVSS 5.3 (medium)
Exposure of Sensitive System Information via ImagePromptTemplate in langchain-ai/langchain
3/20/2025