PyPI: langchain-core
CVE-2026-44843
Safety vulnerability ID: SFTY-20260508-09576
Safety legacy ID: pyup.io-96806
Overview
LangChain vulnerable to unsafe deserialization of attacker-controlled objects through overly broad `load()` allowlists
Advisory
Affected versions of the langchain-core package are vulnerable to unsafe deserialisation: several runtime code paths call load() with allowed_objects="all", which lets any LangChain-serialisable object (any class the loader trusts) be revived from attacker-controlled input. Affected API surfaces include RunnableWithMessageHistory, astream_log(), and astream_events(version="v1"), where attacker-supplied nested dictionaries preserved in run inputs or outputs are deserialised without restricting which classes may be instantiated. An attacker who can submit untrusted structured input to an affected application can embed LangChain serialised constructor payloads in that input and have the loader instantiate the named classes with attacker-chosen constructor arguments.
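The following is an added example, not code from langchain-core or from the advisory. It is a self-contained mock of the load side: the `{"lc": 1, "type": "constructor", "id": [...], "kwargs": {...}}` shape is LangChain's serialised-constructor format, but the `REGISTRY`, the `MESSAGE_ALLOWLIST`, the `example.tools.ShellCommand` class and the attacker input are all constructed for this example (the mock never executes anything, it only records the constructor argument). It shows why allowed_objects="all" is the problem: a payload buried under an arbitrary nested key in a run input is still walked and revived, while an explicit allowlist refuses it, and a pre-deserialisation scan can reject such input before it reaches any loader.

```python
"""Mock of the LangChain 'lc' constructor format and of allowed_objects="all"
versus an explicit allowlist. Illustrative only; not langchain_core.load."""
from dataclasses import dataclass, field


@dataclass
class HumanMessage:
    """Benign: what a chat history is expected to contain."""
    content: str


@dataclass
class ShellCommand:
    """Hypothetical stand-in for a serialisable class whose constructor has a
    side effect. The effect is only recorded here, never executed."""
    command: str
    executed: list = field(default_factory=list)

    def __post_init__(self):
        # In a real class this is where attacker-chosen kwargs would do work.
        self.executed.append(self.command)


# Constructed registry: 'id' path (as in the lc format) -> class.
REGISTRY = {
    ("langchain", "schema", "messages", "HumanMessage"): HumanMessage,
    ("example", "tools", "ShellCommand"): ShellCommand,  # hypothetical id
}

# What a chat-history consumer actually needs to revive.
MESSAGE_ALLOWLIST = {("langchain", "schema", "messages", "HumanMessage")}


def is_constructor(node) -> bool:
    """A serialised LangChain object: lc=1, type='constructor', id path, kwargs."""
    return (isinstance(node, dict) and node.get("lc") == 1
            and node.get("type") == "constructor"
            and isinstance(node.get("id"), list))


def load(node, allowed_objects="all"):
    """Mock reviver. allowed_objects is "all" (every registered class may be
    instantiated) or a set of id tuples. Dicts and lists are walked, so a
    payload under any nested key is reached."""
    if is_constructor(node):
        path = tuple(node["id"])
        if allowed_objects != "all" and path not in allowed_objects:
            raise ValueError(f"refusing to revive {'.'.join(path)}")
        cls = REGISTRY.get(path)
        if cls is None:
            raise ValueError(f"unknown class {'.'.join(path)}")
        kwargs = {k: load(v, allowed_objects) for k, v in node.get("kwargs", {}).items()}
        return cls(**kwargs)
    if isinstance(node, dict):
        return {k: load(v, allowed_objects) for k, v in node.items()}
    if isinstance(node, list):
        return [load(v, allowed_objects) for v in node]
    return node


def find_constructor_payloads(node, path=()):
    """Pre-deserialisation check: every (location, id path) of a constructor
    payload inside an untrusted structure, so the application can reject the
    input before a loader running with allowed_objects="all" ever sees it."""
    found = []
    if is_constructor(node):
        found.append((path, tuple(node["id"])))
    if isinstance(node, dict):
        for k, v in node.items():
            found.extend(find_constructor_payloads(v, path + (k,)))
    elif isinstance(node, list):
        for i, v in enumerate(node):
            found.extend(find_constructor_payloads(v, path + (i,)))
    return found


# Constructed attacker input: a normal-looking chat turn with a constructor
# payload hidden in a nested field that a run input might carry through.
ATTACKER_INPUT = {
    "input": "hello",
    "metadata": {
        "trace": {
            "lc": 1,
            "type": "constructor",
            "id": ["example", "tools", "ShellCommand"],
            "kwargs": {"command": "id"},
        }
    },
}


def demo_all():
    """allowed_objects="all": the hidden payload is instantiated."""
    out = load(ATTACKER_INPUT, allowed_objects="all")
    return type(out["metadata"]["trace"]).__name__


def demo_restricted():
    """Explicit allowlist: the same input is refused before instantiation."""
    try:
        load(ATTACKER_INPUT, allowed_objects=MESSAGE_ALLOWLIST)
    except ValueError as exc:
        return str(exc)
    return "loaded"


if __name__ == "__main__":
    print(find_constructor_payloads(ATTACKER_INPUT))
    print(demo_all())
    print(demo_restricted())
```

The practical takeaway for an application that cannot yet upgrade is the `find_constructor_payloads` scan: any `lc`/`type: constructor` dict arriving in user-controlled input, message history or run metadata has no legitimate reason to be there and can be rejected outright, independent of which loader eventually consumes the data.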
How to Fix
Mitigation and Workarounds
Vulnerable Functions
Functions linked to known vulnerabilities.
References
- https://getsafety.com/vulnerabilities/SFTY-20260508-09576/CVE-2026-44843
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44843
- https://pypi.org/project/langchain-core
- https://github.com/langchain-ai/langchain/security/advisories/GHSA-pjwx-r37v-7724
- https://github.com/advisories/GHSA-pjwx-r37v-7724
Verified by Safety
Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.
