CVE-2025-68664
Serialization Injection in LangChain dumps() Allows Malicious Object Injection
Publication date: 2025-12-23
Last updated on: 2025-12-23
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| langchain | langchain | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-502 | The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a serialization injection issue in LangChain's dumps() and dumpd() functions prior to versions 0.3.81 and 1.2.5. These functions do not properly escape dictionaries containing the 'lc' key when serializing free-form dictionaries. Since the 'lc' key is used internally by LangChain to mark serialized objects, user-controlled data with this key can be interpreted as legitimate LangChain objects during deserialization instead of plain data, potentially allowing malicious injection.
How can this vulnerability impact me? :
This vulnerability can allow an attacker to inject malicious serialized objects into LangChain applications by exploiting the improper handling of the 'lc' key during serialization and deserialization. This can lead to unauthorized code execution or manipulation of application behavior, compromising confidentiality and integrity of data, as indicated by the high CVSS score (9.3) with high confidentiality impact and low integrity impact.
What immediate steps should I take to mitigate this vulnerability?
Upgrade LangChain to version 0.3.81 or 1.2.5 or later, as these versions contain patches that fix the serialization injection vulnerability in the dumps() and dumpd() functions.