PyPI/langchain-community — 9 CVEs

CRITICAL9.8CVE-2024-2057A vulnerability was found in LangChain langchain_community 0.0.26.

from 0, <= 0.0.26

HIGH8.4CVE-2025-2828LangChain Community SSRF vulnerability exists in RequestsToolkit component

from 0, < 0.0.28

HIGH8.4CVE-2025-2828LangChain Community SSRF vulnerability exists in RequestsToolkit component

from 0, < e188d4ecb085d4561a0be3c583d26aa9c2c3283f | from 0, < 0.0.28

HIGH7.5Langchain Community Vulnerable to XML External Entity (XXE) Attacks

from 0, < 0.3.27

MEDIUM5.2LangChain pickle deserialization of untrusted data

from 0, < 0.2.4

MEDIUM4.9Langchain SQL Injection vulnerability

>= 0.2.0, < 0.3.0

MEDIUM4.9Langchain SQL Injection vulnerability

>= 0.2.0, < 0.2.19

MEDIUM4.8Server-Side Request Forgery in langchain-community.retrievers.web_research.WebResearchRetriever

from 0, < 0.2.9

MEDIUM4.2Denial of service in langchain-community

from 0, < 0.2.5

pkg:PyPI/langchain-community