CVE-2026-45134 – langchain / langsmith-sdk

CVSS 7.1 IMPORTANT

“Unsafe deserialization in AI development tools can turn trusted data handling into remote code execution risk.”

langchain-ai released patches for two high-severity vulnerabilities affecting langchain and langsmith-sdk. CVE-2026-44843 has a CVSS score of 8.2, which is High severity. CVE-2026-45134 has a CVSS score of 7.1, which is High severity.

The vulnerabilities involve unsafe deserialization weaknesses that could allow remote code execution in affected environments. The updates strengthen object handling protections and reduce the risk of attackers executing unauthorized code through crafted serialized input.

Key Details

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
CWE Classification: CWE-502

Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.

CVE-2026-45134 – langchain / langsmith-sdk

Key Details

Stay Tuned

PLATFORM

SOLUTIONS

RESOURCES

COMPANY

LEGAL

CONTACTS

+1-346-444-8530

Toll Free: 833-444-8530

708 Main St, 10th FL, Houston, TX 77002