In December 2025, CVE-2025-68665, a high-severity vulnerability (CVSS 8.6) was reported on LangChain. The vulnerability was an insecure deserialisation where an adversary could hijack secrets (e.g. OpenAI API keys), and depending on the set of allowed constructors (and their side effects), it could be escalated into arbitrary code execution.
The patch for LangChain vulnerability CVE-2025-68665 disables loading secrets from environment variables by default, and introduces an escape wrapper to prevent injection. This is good, however, the underlying functionality is insecure-by-design and the root-cause has not been addressed.
Read the full text: https://secdim.com/blog/post/langchain-load-is-basically-eval-17661/
Top comments (0)