Bug 2424797 (CVE-2025-68665) - CVE-2025-68665 langchain-core: LangChain: Arbitrary Code Execution via Serialization Injection
Summary: CVE-2025-68665 langchain-core: LangChain: Arbitrary Code Execution via Serial...
Keywords:
Status: NEW
Alias: CVE-2025-68665
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2025-12-24 00:01 UTC by OSIDB Bzimport
Modified: 2025-12-24 17:21 UTC (History)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:



Description OSIDB Bzimport 2025-12-24 00:01:12 UTC
LangChain is a framework for building LLM-powered applications. Prior to @langchain/core versions 0.3.80 and 1.1.8, and prior to langchain versions 0.3.37 and 1.2.3, a serialization injection vulnerability exists in the toJSON() method of LangChain JS (and consequently in any JSON.stringify() call on such objects, since JSON.stringify() invokes toJSON()). The method did not escape objects with an 'lc' key when serializing free-form data in kwargs. The 'lc' key is used internally by LangChain to mark serialized objects. When user-controlled data contains this key structure, it is treated as a legitimate LangChain object during deserialization rather than as plain user data. This issue has been patched in @langchain/core versions 0.3.80 and 1.1.8, and langchain versions 0.3.37 and 1.2.3.
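As an added illustration (not code from LangChain or from this advisory), the following JavaScript models the flaw described above: a serializer that marks its own objects with an 'lc' key, free-form data that happens to carry the same key, and a loader that cannot tell the two apart until the data is escaped. The Note and SafeNote classes, the registry, the secret table, the revive() loader and the "escaped" wrapper are assumptions of this example; only the lc/type/id/kwargs envelope mirrors the shape the description refers to.

```javascript
// Added example, not LangChain code: a toy marker-keyed serializer, the
// injection it is exposed to, and an escaping fix. The registry, the
// secret table, Note/SafeNote and the "escaped" wrapper are assumptions.

// Constructed sample secret that the toy loader resolves at load time.
const SECRETS = { API_KEY: "sk-demo-secret" };

function isPlainObject(v) {
  return v !== null && typeof v === "object" && !Array.isArray(v);
}

// A class whose kwargs carry free-form, possibly user-controlled data.
class Note {
  constructor(kwargs) {
    this.data = kwargs.data;
  }
  // Vulnerable: free-form data is embedded verbatim, so a user object that
  // carries an "lc" key is indistinguishable from a genuine marker.
  toJSON() {
    return { lc: 1, type: "constructor", id: ["toy", "Note"], kwargs: { data: this.data } };
  }
}

// Hardened: every plain object inside the free-form data that carries an "lc"
// key is wrapped so the loader treats it as data, not as a marker.
class SafeNote extends Note {
  toJSON() {
    return { lc: 1, type: "constructor", id: ["toy", "SafeNote"], kwargs: { data: escapeUserData(this.data) } };
  }
}

function escapeUserData(v) {
  if (Array.isArray(v)) return v.map(escapeUserData);
  if (!isPlainObject(v)) return v;
  const inner = Object.fromEntries(Object.entries(v).map(([k, x]) => [k, escapeUserData(x)]));
  return Object.prototype.hasOwnProperty.call(v, "lc") ? { lc: 1, type: "escaped", value: inner } : inner;
}

// Toy loader: anything shaped like a marker is revived, the way a
// deserializer that trusts the "lc" key would behave.
const REGISTRY = { "toy/Note": Note, "toy/SafeNote": SafeNote };

function revive(v) {
  if (Array.isArray(v)) return v.map(revive);
  if (!isPlainObject(v)) return v;
  if (v.lc === 1 && typeof v.type === "string") {
    if (v.type === "escaped") {
      // The wrapped object is user data: recurse into its values only.
      return Object.fromEntries(Object.entries(v.value).map(([k, x]) => [k, revive(x)]));
    }
    if (v.type === "secret") return SECRETS[v.id[0]];
    if (v.type === "constructor") {
      const Cls = REGISTRY[v.id.join("/")];
      if (!Cls) throw new Error("unregistered constructor: " + v.id.join("/"));
      return new Cls(revive(v.kwargs));
    }
    throw new Error("unknown marker type: " + v.type);
  }
  return Object.fromEntries(Object.entries(v).map(([k, x]) => [k, revive(x)]));
}

// Round trip through JSON.stringify(), which is what invokes toJSON().
function roundTrip(obj) {
  return revive(JSON.parse(JSON.stringify(obj)));
}

// Constructed user input that mimics a secret reference.
const USER_DATA = { lc: 1, type: "secret", id: ["API_KEY"] };

// Vulnerable path: the user's object is revived as a secret lookup.
function demoVulnerable() {
  return roundTrip(new Note({ data: USER_DATA })).data;
}

// Hardened path: the user's object comes back as plain data.
function demoHardened() {
  return roundTrip(new SafeNote({ data: USER_DATA })).data;
}
```

The loader is deliberately simple; the point is that escaping must happen on the serializing side, because once the JSON is on the wire a consumer has no way to know which 'lc' keys were user-supplied.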

