CVE-2025-68665
Unknown Unknown - Not Provided

Serialization Injection in LangChain JS toJSON() Method

Vulnerability report for CVE-2025-68665, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-23

Last updated on: 2025-12-23

Assigner: GitHub, Inc.

Description

LangChain is a framework for building LLM-powered applications. Prior to @langchain/core versions 0.3.80 and 1.1.8, and prior to langchain versions 0.3.37 and 1.2.3, a serialization injection vulnerability exists in LangChain JS's toJSON() method (and subsequently when string-ifying objects using JSON.stringify(). The method did not escape objects with 'lc' keys when serializing free-form data in kwargs. The 'lc' key is used internally by LangChain to mark serialized objects. When user-controlled data contains this key structure, it is treated as a legitimate LangChain object during deserialization rather than plain user data. This issue has been patched in @langchain/core versions 0.3.80 and 1.1.8, and langchain versions 0.3.37 and 1.2.3

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-23
Last Modified
2025-12-23
Generated
2026-07-06
AI Q&A
2025-12-24
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 4 associated CPEs
Vendor Product Version / Range
langchain core 0.3.80
langchain langchain 1.2.3
langchain core 1.1.8
langchain langchain 0.3.37

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-502 The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a serialization injection issue in LangChain JS's toJSON() method. The method did not properly escape objects with 'lc' keys when serializing free-form data in keyword arguments. Since the 'lc' key is used internally by LangChain to mark serialized objects, user-controlled data containing this key structure could be treated as legitimate LangChain objects during deserialization instead of plain user data, potentially allowing injection of malicious serialized objects.

Impact Analysis

This vulnerability can impact you by allowing an attacker to inject malicious serialized objects during deserialization, which could lead to unauthorized actions or compromise of the application using LangChain. The CVSS score of 8.6 indicates a high severity with network attack vector and no user interaction required, potentially leading to high confidentiality impact.

Mitigation Strategies

Update @langchain/core to version 0.3.80 or 1.1.8 or later, and update langchain to version 0.3.37 or 1.2.3 or later, as these versions contain the patch that fixes the serialization injection vulnerability in the toJSON() method.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-68665. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart