Search: langchain | AI Threat Intelligence

Severity:

30 results in 12ms

CVE CRITICAL CVE-2023-36095

2023-08-05

issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include from_math_prompt and from_colored

CVSS 9.8 langchain View details

CVE CRITICAL CVE-2023-36188

2023-07-06

issue in langchain v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method

CVSS 9.8 langchain View details

CVE CRITICAL CVE-2023-36258

2023-07-03

issue in LangChain before 0.0.236 allows an attacker to execute arbitrary code because Python code with os.system, exec, or eval can be used

CVSS 9.8 langchain View details

CVE CRITICAL CVE-2023-34541

2023-06-20

Langchain 0.0.171 is vulnerable to Arbitrary code execution in load_prompt

CVSS 9.8 langchain View details

CVE CRITICAL CVE-2023-34540

2023-06-14

Langchain before v0.0.225 was discovered to contain a remote code execution (RCE) vulnerability in the component JiraAPIWrapper (aka the JIRA API wrapper). This vulnerability allows attackers to execute arbitrary code

CVSS 9.8 langchain View details

CVE CRITICAL CVE-2023-29374

2023-04-05

LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method

CVSS 9.8 langchain View details

Paper 2603.15125v1

2026-03-16

From Storage to Steering: Memory Control Flow Attacks on LLM Agents

Gemini 2.5 Flash on real-world tools from two major LLM agent development frameworks, LangChain and LlamaIndex. The results show that in general over 90% trials are vulnerable to MCFA

high relevance attack

Paper 2512.23480v1

2025-12-29

Agentic AI for Autonomous Defense in Software Supply Chain Security: Beyond Provenance to Vulnerability Mitigation

agent coordination. The suggested system utilizes specialized security agents coordinated with the help of LangChain and LangGraph, communicates with actual CI/CD environments with the Model Context Protocol (MCP), and documents

high relevance defense

Paper 2512.18542v2

2025-12-20

SecureCode: A Production-Grade Multi-Turn Dataset for Training Security-Aware Code Generation Models

OWASP LLM Top 10 2025 categories across more than 40 frameworks, including LangChain, OpenAI, and Hugging Face). Every example follows a 4-turn conversational structure -- feature request; vulnerable and secure

medium relevance benchmark

Paper 2510.19264v1

2025-10-22

LAPRAD: LLM-Assisted PRotocol Attack Discovery

different LLM automatically constructs the corresponding attack configurations using the ReACT approach implemented via LangChain (DNS zone file generation). Finally, in the third stage, we validate the attack's functionality

high relevance attack

Previous Page 2 of 2