Home

Description

LangChain is a framework for building agents and LLM-powered applications. From versions 0.3.79 and prior and 1.0.0 to 1.0.6, a template injection vulnerability exists in LangChain's prompt template system that allows attackers to access Python object internals through template syntax. This vulnerability affects applications that accept untrusted template strings (not just template variables) in ChatPromptTemplate and related prompt template classes. This issue has been patched in versions 0.3.80 and 1.0.7.

PUBLISHED Reserved 2025-11-17 | Published 2025-11-21 | Updated 2025-11-21 | Assigner GitHub_M




HIGH: 8.3CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine

Product status

>= 1.0.0, < 1.0.7
affected

< 0.3.80
affected

References

github.com/...gchain/security/advisories/GHSA-6qv9-48xg-fc7f

github.com/...ommit/c4b6ba254e1a49ed91f2e268e6484011c540542a

github.com/...ommit/fa7789d6c21222b85211755d822ef698d3b34e00

cve.org (CVE-2025-65106)

nvd.nist.gov (CVE-2025-65106)

Download JSON