CVE-2025-68665
Unknown Unknown - Not Provided
Serialization Injection in LangChain JS toJSON() Method

Publication date: 2025-12-23

Last updated on: 2025-12-23

Assigner: GitHub, Inc.

Description
LangChain is a framework for building LLM-powered applications. Prior to @langchain/core versions 0.3.80 and 1.1.8, and prior to langchain versions 0.3.37 and 1.2.3, a serialization injection vulnerability exists in LangChain JS's toJSON() method (and subsequently when string-ifying objects using JSON.stringify(). The method did not escape objects with 'lc' keys when serializing free-form data in kwargs. The 'lc' key is used internally by LangChain to mark serialized objects. When user-controlled data contains this key structure, it is treated as a legitimate LangChain object during deserialization rather than plain user data. This issue has been patched in @langchain/core versions 0.3.80 and 1.1.8, and langchain versions 0.3.37 and 1.2.3
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-23
Last Modified
2025-12-23
Generated
2026-06-16
AI Q&A
2025-12-24
EPSS Evaluated
2026-06-14
NVD
CVE-2025-68665
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
langchain core 0.3.80
langchain langchain 1.2.3
langchain core 1.1.8
langchain langchain 0.3.37
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-502 The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a serialization injection issue in LangChain JS's toJSON() method. The method did not properly escape objects with 'lc' keys when serializing free-form data in keyword arguments. Since the 'lc' key is used internally by LangChain to mark serialized objects, user-controlled data containing this key structure could be treated as legitimate LangChain objects during deserialization instead of plain user data, potentially allowing injection of malicious serialized objects.

Impact Analysis

This vulnerability can impact you by allowing an attacker to inject malicious serialized objects during deserialization, which could lead to unauthorized actions or compromise of the application using LangChain. The CVSS score of 8.6 indicates a high severity with network attack vector and no user interaction required, potentially leading to high confidentiality impact.

Mitigation Strategies

Update @langchain/core to version 0.3.80 or 1.1.8 or later, and update langchain to version 0.3.37 or 1.2.3 or later, as these versions contain the patch that fixes the serialization injection vulnerability in the toJSON() method.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-68665. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart