- Description
- LangChain is a framework for building agents and LLM-powered applications. Prior to versions 0.3.81 and 1.2.5, a serialization injection vulnerability exists in LangChain's dumps() and dumpd() functions. The functions do not escape dictionaries with 'lc' keys when serializing free-form dictionaries. The 'lc' key is used internally by LangChain to mark serialized objects. When user-controlled data contains this key structure, it is treated as a legitimate LangChain object during deserialization rather than plain user data. This issue has been patched in versions 0.3.81 and 1.2.5.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
- Products
- langchain_core
CVSS 3.1
- Type
- Primary
- Base score
- 8.2
- Impact score
- 4.2
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
- Severity
- HIGH
- security-advisories@github.com
- CWE-502
- Hype score
- Not currently trending
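The description above says that dumps()/dumpd() did not escape free-form dictionaries carrying the reserved 'lc' key, so user data of that shape was rebuilt as a framework object on load. The following is an added example, not LangChain's own code: a toy serializer that reuses the same 'lc' marker convention to show the unescaped round-trip beside the escaped one, plus a defensive scan that flags untrusted input of that shape before it reaches a cache or log. The Note class, the allowlisted registry, the wrapper type name "escaped_dict" and the sample message are all constructed for this example and are not LangChain's internals.

```python
# Added example (not LangChain's own code): a toy serializer that reuses the
# "lc" marker convention described in the advisory, to show why a free-form
# dictionary carrying that key must be escaped before it is serialized, and a
# scanner that flags untrusted input of that shape. The wrapper type name
# "escaped_dict", the Note class and the registry are assumptions for this example.
from __future__ import annotations

from dataclasses import dataclass
from typing import Any

LC_MARKER = "lc"               # reserved key that tags a serialized object
ESCAPED_TYPE = "escaped_dict"  # assumed wrapper type for user dicts (not LangChain's)


@dataclass
class Note:
    """Stand-in for a serializable framework object (constructed for this example)."""
    text: str

    def to_lc(self) -> dict[str, Any]:
        return {LC_MARKER: 1, "type": "constructor",
                "id": ["example", "Note"], "kwargs": {"text": self.text}}


# Allowlist of constructors the loader may instantiate; anything else is refused.
REGISTRY = {("example", "Note"): Note}


def dump(value: Any, *, escape: bool) -> Any:
    """Convert objects to marker dicts. With escape=True, a plain dict that
    happens to contain the reserved key is wrapped so it survives as data."""
    if isinstance(value, Note):
        return value.to_lc()
    if isinstance(value, dict):
        inner = {k: dump(v, escape=escape) for k, v in value.items()}
        if escape and LC_MARKER in value:
            return {LC_MARKER: 1, "type": ESCAPED_TYPE, "value": inner}
        return inner
    if isinstance(value, list):
        return [dump(v, escape=escape) for v in value]
    return value


def load(data: Any) -> Any:
    """Rebuild objects from marker dicts; unwrap escaped dicts back to plain data."""
    if isinstance(data, dict) and LC_MARKER in data:
        if data.get("type") == ESCAPED_TYPE:
            return {k: load(v) for k, v in data["value"].items()}
        if data.get("type") == "constructor":
            cls = REGISTRY.get(tuple(data.get("id", [])))
            if cls is None:
                raise ValueError(f"refusing to load unknown constructor {data.get('id')}")
            return cls(**{k: load(v) for k, v in data.get("kwargs", {}).items()})
        raise ValueError(f"unknown marker type {data.get('type')!r}")
    if isinstance(data, dict):
        return {k: load(v) for k, v in data.items()}
    if isinstance(data, list):
        return [load(v) for v in data]
    return data


def find_reserved_keys(value: Any, path: str = "$") -> list[str]:
    """Defensive check: list JSON paths in untrusted input where a dict carries
    the reserved marker key, so the caller can reject or log it before caching."""
    hits: list[str] = []
    if isinstance(value, dict):
        if LC_MARKER in value:
            hits.append(path)
        for k, v in value.items():
            hits.extend(find_reserved_keys(v, f"{path}.{k}"))
    elif isinstance(value, list):
        for i, v in enumerate(value):
            hits.extend(find_reserved_keys(v, f"{path}[{i}]"))
    return hits


# Constructed sample: a message whose user-influenced metadata field contains
# a dict shaped like a serialized object.
SAMPLE_MESSAGE = {
    "content": "hello",
    "metadata": {LC_MARKER: 1, "type": "constructor",
                 "id": ["example", "Note"], "kwargs": {"text": "from user"}},
}


def roundtrip(message: dict[str, Any], *, escape: bool) -> Any:
    """Serialize then load; returns what the metadata field became."""
    return load(dump(message, escape=escape))["metadata"]


if __name__ == "__main__":
    print("flagged paths:", find_reserved_keys(SAMPLE_MESSAGE))
    print("unescaped ->", roundtrip(SAMPLE_MESSAGE, escape=False))
    print("escaped   ->", roundtrip(SAMPLE_MESSAGE, escape=True))
```

With escape=False the metadata dict comes back as a Note instance, which is the confusion the advisory describes; with escape=True it comes back as the same plain dict the user supplied. The loader's allowlist is a second, independent control: even an unescaped marker dict can only name constructors the application registered. Running find_reserved_keys over fields an LLM or end user can influence (metadata, additional_kwargs and the like) before they are serialized gives a cheap detection point for the shape in question.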
Three vulnerabilities in LangChain & LangGraph: path traversal flaw (CVE-2026-34070, CVSS 7.5) exposed files, deserialization bug (CVE-2025-68664, CVSS 9.3) leaked API keys. #security #LangChain #LangGraph
@bigmacd16684
30 Mar 2026
143 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
📢 New CVE analysis just dropped! Uncover how CVE-2025-68664 exposes critical deserialization flaws in LangChain and LangGraph, risking data leaks and cloud exposure across AI deployments. 📖 Check th
@PurpleOps_io
28 Mar 2026
100 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 BREAKING: Three critical flaws just dropped for LangChain & LangGraph — the AI frameworks powering millions of enterprise deployments. CVE-2025-68664 (CVSS 9.3): An attacker can use prompt injection to make your LLM exfiltrate your own API keys. https://t.co/GrBSYPpHc
@nxtgen579255
28 Mar 2026
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
TRC analysis shows attackers exploiting LangChain deserialization flaws to inject malicious data and access environment secrets (CVE-2025-68664). Initial compromise leads to credential theft, then lateral movement across cloud services. Runtime segmentation helps contain
@aviatrixtrc
27 Mar 2026
92 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Major LangChain vulnerability CVE-2025-68664 (CVSS 9.3): possible leakage of secrets and arbitrary code execution across 12 vulnerable flows. LangChain.js is also affected. Apply the patch urgently https://t.co/MJ1fEqufOP #LangChain #Security #Vulnerability
@neural_nw_ai
19 Mar 2026
176 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-68664: CRITICAL ALERT FOR SERIALIZATION INJECTION IN THE LANGCHAIN FRAMEWORK https://t.co/Er1JxJ1fw7
@KernelReload
15 Mar 2026
128 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Clear the session, clear the threat. That assumption just failed. LangChain CVE-2025-68664 demonstrated how malicious instructions in LLM response fields persist through serialization cycles. One prompt injection in cached data becomes durable compromise. The instruction doesn't
@_MrDecentralize
10 Mar 2026
96 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-68664 (LangGrinch): LangChain deserializes LLM-influenced data as trusted objects. Prompt injection → secret leakage. We recreated 2000s serialization bugs, but with AI. "Autonomous agents" in prod without architecture review. A tutorial of what NOT to do.
@CisoRaging77913
16 Feb 2026
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
3 Replies
0 Quotes
Prompt security isn’t enough. LangGrinch (CVE-2025-68664) in langchain-core. Patch 0.3.81+ or 1.2.5+. Agent SDKs are Tier 1 deps. In your patch SLA? https://t.co/UuPcWRy84B #SupplyChainSecurity #Cybersecurity https://t.co/GC0yfT8E4X
@Wisr_AI
4 Feb 2026
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A high-severity serialization injection vulnerability in langchain-core (CVE-2025-68664) enables secret extraction and malicious effects via an unescaped lc marker. Mitigations include patched upgrades and Defender integrations. #LangChain #AppSec https://t.co/bPdlcX2fwD
@TweetThreatNews
1 Feb 2026
197 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
A serialization injection flaw (CVE-2025-68664, “LangGrinch”) in langchain-core Python package enables attackers to instantiate malicious objects via reserved lc key. Microsoft patches and detection tools available. #LangChain #SerializationFlaw https://t.co/25g2FJfxxW
@TweetThreatNews
1 Feb 2026
191 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Microsoft Case Study: LangGrinch (CVE-2025-68664) Shows How AI Framework Bugs Become Supply-Chain Exploits Microsoft breaks down “LangGrinch” (CVE-2025-68664, CVSS 9.3) in LangChain Core—a serialization/deserialization injection via the reserved `lc` marker that can l
@ThreatSynop
30 Jan 2026
67 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 [ ADVISORY ] CASE_LOG_001 AI output is UNTRUSTED input. LangGrinch (CVE-2025-68664) proves prompt injection = RCE. Sandbox your agents now. [ 🔻 LINK ] https://t.co/TW3Gg2Ma5B #CyberSecurityAwareness #artificial_intelligence https://t.co/y8Z68XYNPL
@MatrixSecHub
29 Jan 2026
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical RCE in LangChain Core (847M+ downloads) CVE-2025-68664 allows unsafe deserialization via LLM outputs, enabling secret exfiltration, SSRF, and potential RCE across common LangChain workflows. While most teams are still assessing impact and planning patches, Root ht
@Teamrootio
6 Jan 2026
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 LangChain Core [—] Jan 05, 2026 Comprehensive Product Security Advisory and Risk Assessment for LangChain Core Serialization Injection Vulnerability (CVE-2025-68664) and Associated Agent System Risks. Checkout our Threat Intelligence Platform:... https://t.co/kk0AjBZt6m
@transilienceai
5 Jan 2026
70 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Started publishing weekly roundups of what's happening in #AppSec world 🌎 MongoDB CVE that hit self-hosted instances tokenless CSRF making it into OWASP guidance OpenPGP implementation bugs. LangChain CVE-2025-68664 TruffleHog's JWT liveness checks.
@sshivasurya
5 Jan 2026
114 Impressions
0 Retweets
3 Likes
0 Bookmarks
1 Reply
1 Quote
⚠️ LangChain Core Vulnerability Allows Prompt Injection and Data Exposure (CVE-2025-68664) https://t.co/16fpPePCc4 A critical flaw in LangChain Core’s serialization functions (dumps()/dumpd()) lets attackers inject malicious object structures via prompt injection and uns
@Huntio
3 Jan 2026
513 Impressions
3 Retweets
6 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 LangChain.js [—] Jan 03, 2026 Critical Security Advisory: CVE-2025-68664 LangChain Serialization Injection & Related Vulnerabilities Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 https://t.co/QuwNtEgYh1 #ThreatIntelligence https://t.co/LcCl4WTpzf
@transilienceai
3 Jan 2026
90 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Two critical vulnerabilities were published December 23, 2025 affecting LangChain Python (CVE-2025-68664, CVSS 9.3) and JavaScript (CVE-2025-68665, CVSS 8.6). Both are serialization injection flaws in dumps(), dumpd(), and toJSON() methods. The vulnerability: User-controlled
@ignorePriorSec
30 Dec 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Two critical vulnerabilities were published December 23, 2025 affecting LangChain Python (CVE-2025-68664, CVSS 9.3) and JavaScript (CVE-2025-68665, CVSS 8.6). Both are serialization injection flaws in dumps(), dumpd(), and toJSON() methods. The vulnerability: User-controlled
@ignorePriorSec
29 Dec 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
This CVE-2025-68664 is somewhat buried among the rest of the pile of things going on at year end. LangChain is a framework for AI development and its devs have surely tried it. critical serialization injection vulnerability affecting the LangChain framework
@hmier
29 Dec 2025
120 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Warning: Multiple vulnerabilities in #LangChain. #CVE-2025-68664 CVSS: 9.3 #CVE-2025-68665 CVSS: 8.6. These are both serialization injection vulnerabilities. #Patch #Patch #Patch https://t.co/ljDdkgeamx
@CCBalert
29 Dec 2025
267 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Your AI agent can leak your keys without anyone hacking you. Opinion: LLM output is untrusted input. Cost: one leak means rotated keys, blown budget, and a week of cleanup. Proof: LangChain CVE-2025-68664 (9.3 Critical). dumps()/dumpd() can treat a user dict with a reserved “l
@AITools20
29 Dec 2025
191 Impressions
0 Retweets
0 Likes
0 Bookmarks
2 Replies
0 Quotes
🚨 LangChain Core Critical Flaw CVE-2025-68664 (CVSS 9.3) enables serialization injection, exposing secrets & enabling prompt-based attacks in LLM apps. 🔍 Details via Vulert 👉https://t.co/do7Wstb9Nh #LangChain #CVE #AISecurity #DevSecOps
@vulert_official
29 Dec 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
LangChain Core has a critical bug that lets attackers extract secrets and steer LLM output. The issue, CVE-2025-68664 (CVSS 9.3), abuses how user data with lc keys is deserialized as trusted objects. Prompt injection can trigger it through normal LLM responses. https://t.co/fCmM
@FartslonF
27 Dec 2025
67 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 LangGrinch: Critical LangChain-Core Bug Enables Secret Theft via Serialization Injection (CVE-2025-68664) Attackers can inject crafted `lc`-key objects through user-influenced fields (e.g., `metadata`, `additional_kwargs`, `response_metadata`) so `dumps()/dumpd()` content is
@ThreatSynop
27 Dec 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical LangChain Serialization Injection Bug Exposes Secrets and May Enable Code Execution A critical flaw in langchain-core (CVE-2025-68664) lets attackers inject crafted “lc” structures so user-controlled data is treated as LangChain objects during deserialization,
@ThreatSynop
27 Dec 2025
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical LangChain Flaw Lets Attackers Exfiltrate Secrets via Unsafe Deserialization A critical bug in langchain-core serialization (CVE-2025-68664) enables prompt/LLM-output–influenced data to trigger unsafe deserialization paths (e.g., logging/streaming/caching), leaking
@ThreatSynop
27 Dec 2025
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
How CVE-2025-68664 Allows Hackers to Siphon Your Private Data Directly from the vLLM Engine Read the full report on - https://t.co/9Aji9Icga9 https://t.co/NeYgkLm8Pj
@cyberbivash
27 Dec 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical LangChain Core Vulnerability: "LangGrinch" (CVE-2025-68664, CVSS 9.3) 🚨 Prompt injection exploits a serialization flaw in dumps()/dumpd() — failing to escape the internal "lc" key lets tainted LLM output get deserialized as trusted objects. Result: Secret leaks
@adenner
27 Dec 2025
109 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical LangChain Vulnerability (CVE-2025-68664) Puts LLM Apps at Risk #Cybersecurity #cyashadotcom #JanaNayaganAudioLaunch https://t.co/MoAsUFrqjj
@cyashadotcom
27 Dec 2025
358 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-68664: patch LangChain now. Read More: https://t.co/XMxW6mlYZP #Sec #Vuln #Patch #LangChain #Sec #Vuln #Patch #LangChain
@true_redfence
27 Dec 2025
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-68664 in LangChain Core: fixed release published] In langchain-core's dumps()/dumpd(), the reserved key "lc" contained in user input is not properly escaped and can be treated as a LangChain object by load()/loads() (CVE-2025-68664)
@LangChainJP
27 Dec 2025
976 Impressions
1 Retweet
8 Likes
2 Bookmarks
1 Reply
0 Quotes
LangChain CVE-2025-68664 (CVSS 9.3) 🚨 Prompt Injection is now triggering Deserialization! 🤯 The game has changed. Hunters, are you fuzzing lc keys or doing deep Code Review for this? 👇 @rez0__ @zwt @nahamsec @Jhaddix @securibee @Rhynorater https://t.co/FZAIXRobD
@MRTUFAN_BD
27 Dec 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical flaw in LangChain Core allows theft of secrets and manipulation of responses: vulnerability CVE-2025-68664 allows object injection via serialization, exposing sensitive data and enabling malicious executions; an urgent update is recommended. https:/
@caveiratech
26 Dec 2025
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
All I Want for Christmas Is Your Secrets: LangGrinch hits LangChain Core (CVE-2025-68664) - Cyata | The Control Plane for Agentic Identity https://t.co/jpzB5SIQXB # #devtalk
@dev_talk
26 Dec 2025
67 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🔍 Latest CVE breakdown available now! Is your LangChain app leaking secrets? Uncover how CVE-2025-68664 enables injection attacks and what steps you must take to secure your AI stack.
@PurpleOps_io
26 Dec 2025
66 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-68664 - Lord of the Strings: The Return of the 'lc' Key --- In the land of AI agents, so shiny and bright, LangChain was the framework that felt just right. One hundred twenty-three thousand stars in the sky, But nobody noticed the bug slipping by. --- The dumps()
@gothburz
26 Dec 2025
3033 Impressions
2 Retweets
32 Likes
5 Bookmarks
3 Replies
1 Quote
Are you ready for the new wave of cybersecurity threats to AI applications? A newly discovered vulnerability in (CVE-2025-68664) weakens AI applications, enabling data theft and remote code execution. Stay up to date! #LangChain #Cybersecurity #AI https://t.co/mjaRQ
@VIPentest
26 Dec 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical vulnerability in LangChain -- CVE-2025-68664: https://t.co/REzlUDGesF
@yoshiks
26 Dec 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical LangChain Core vulnerability (CVE-2025-68664) allows attackers to steal secrets and manipulate LLM behavior via serialization injection flaws. https://t.co/bY83uz78PC #CyberSecurity #LangChain #LLMSecurity #PromptInjection #AIThreats #AppSec #CloudSecurity https://t.
@redsecuretech
26 Dec 2025
159 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
A serious flaw (CVE-2025-68664) that can lead to theft of secrets and tampering with responses has been found in the core library of LangChain, which is widely used as a foundation for generative AI apps. Crafted input makes the internal processing malfunction and causes the LLM to behave as the attacker
@yousukezan
26 Dec 2025
2903 Impressions
12 Retweets
23 Likes
20 Bookmarks
0 Replies
0 Quotes
#HuttonAIAlerts 🚨 Critical AI Vulnerability Alert 🚨 A CVSS 9.3 flaw (CVE-2025-68664) just hit LangChain. Attackers can now exfiltrate your system secrets and API keys via simple prompt injection. Your AI "brain" shouldn't be a security liability. (1/4) https://t.co/Y
@HuttonTech
26 Dec 2025
12 Impressions
7 Retweets
8 Likes
0 Bookmarks
1 Reply
0 Quotes
LangChain Core has a critical bug that lets attackers extract secrets and steer LLM output. The issue, CVE-2025-68664 (CVSS 9.3), abuses how user data with lc keys is deserialized as trusted objects. Prompt injection can trigger it through normal LLM responses. 🔗 Read → ht
@TheHackersNews
26 Dec 2025
10905 Impressions
26 Retweets
76 Likes
14 Bookmarks
4 Replies
2 Quotes
🚨Vulnerability Alert ‼️ Security researcher Yarden Porat discovered a vulnerability in LangChain that exploits how the framework handles internal serialization markers. The flaw, dubbed CVE-2025-68664, received a CVSS score of 9.3, indicating critical severity. Source:
@H4ckmanac
26 Dec 2025
4762 Impressions
4 Retweets
25 Likes
6 Bookmarks
1 Reply
0 Quotes
All I Want for Christmas Is Your Secrets: LangGrinch hits LangChain Core (CVE-2025-68664) https://t.co/uidbKTMqUd
@NytroRST
26 Dec 2025
132 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
Today's top 5 cybersecurity news - December 26, 2025 1. A critical vulnerability identified as CVE-2025-68664 has been discovered in LangChain, a widely used AI framework, allowing attackers to extract sensitive environment variable secrets and potentially execute code through a
@NewsNerdie
26 Dec 2025
79 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
LangChain core vuln CVE-2025-68664 allowed env var exfiltration and possible code execution via deserialization flaws, patched just before Christmas 2025. Update now. #Vulnerability https://t.co/sbZrFg791Z
@threatcluster
26 Dec 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 We found a critical vulnerability in LangChain. Upgrade to langchain-core 1.2.5 or 0.3.81 immediately. Cyata's security researcher Yarden Porat discovere
@TeamCyata
26 Dec 2025
326 Impressions
2 Retweets
8 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Critical Langchain Vulnerability Let Attackers Exfiltrate Sensitive Secrets from AI systems Source: https://t.co/jcmomQRsvF A critical vulnerability in LangChain's core library (CVE-2025-68664) allows attackers to exfiltrate sensitive environment variables and potentia
@The_Cyber_News
26 Dec 2025
2812 Impressions
14 Retweets
63 Likes
18 Bookmarks
3 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:langchain:langchain_core:*:*:*:*:*:python:*:*",
            "matchCriteriaId": "DC184324-6CF1-4F7A-B87F-6DD2120C3B3B",
            "versionEndExcluding": "0.3.81",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:langchain:langchain_core:*:*:*:*:*:python:*:*",
            "matchCriteriaId": "4298E953-ED96-49EC-8474-86095D560F2B",
            "versionEndExcluding": "1.2.5",
            "versionStartIncluding": "1.0.0",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]