CVE-2026-14742

Weak Hash Usage in LangGraph Task Result Cache

Vulnerability report for CVE-2026-14742, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-05

Last updated on: 2026-07-05

Assigner: VulDB

Description

A vulnerability was found in langchain-ai langgraph up to and including 1.2.4. The affected element is the function _freeze in the file libs/langgraph/langgraph/_internal/_cache.py of the component Task Result Cache. Manipulation of the argument default_cache_key leads to use of a weak hash. The attack can be carried out remotely. The attack complexity is rather high and exploitation is considered difficult. The exploit has been publicly disclosed and may be used. The pull request that fixes this issue awaits acceptance.



Affected Vendors & Products

Vendor: langchain-ai
Product: langgraph
Version / Range: up to and including 1.2.4

CWE

CWE-328: The product uses an algorithm that produces a digest (output value) that does not meet security expectations for a hash function, which allows an adversary to reasonably determine the original input (preimage attack), find another input that produces the same hash (second-preimage attack), or find multiple inputs that evaluate to the same hash (birthday attack).

CWE-327: The product uses a broken or risky cryptographic algorithm or protocol.

Executive Summary

This vulnerability exists in the langchain-ai langgraph library, specifically in the _freeze function of the Task Result Cache component. The function generates cache keys by hashing input arguments. However, it uses a weak hashing method that only considers the object's type, raw bytes, and shape, ignoring important metadata such as data types for NumPy arrays or palette information for PIL images.

As a result, distinct inputs that differ in metadata but share the same raw byte representation produce identical cache keys. This causes cache collisions where different inputs are incorrectly treated as the same, leading to reuse of cached results from unrelated calls.

The vulnerability can be exploited remotely but requires a high level of attack complexity and is considered difficult to exploit. The issue has been publicly disclosed, and a fix is pending acceptance in a pull request.

Impact Analysis

This vulnerability can lead to incorrect cache hits where results from one input are returned for a different, semantically distinct input. In multi-user deployments with shared caches, this can cause security bypasses such as moderation evasion or cross-request result reuse.

For example, if two users submit different inputs that produce the same cache key due to the weak hashing, one user's cached result might be served to another user, potentially exposing sensitive or incorrect data.

This undermines the integrity and correctness of the system's behavior, possibly leading to unexpected or insecure outcomes.

Detection Guidance

This vulnerability involves cache key collisions in langchain-ai langgraph's Task Result Cache: the _freeze function generates weak hash keys that ignore important metadata. Detection starts with checking whether your system runs langgraph up to version 1.2.4 with the vulnerable _freeze function.

Since the issue is related to cache key collisions caused by ignoring metadata in inputs like NumPy arrays or PIL images, you can detect it by testing if distinct inputs with identical raw bytes but different metadata return the same cached results.

There are no specific network or system commands provided in the resources to detect this vulnerability automatically.

A practical approach is to run test cases in your environment that mimic the problematic behavior, for example, by creating two NumPy arrays with the same byte content but different dtypes and checking if the cache returns the same result erroneously.

Mitigation Strategies

The immediate mitigation is to apply the fix introduced in the pending pull request, which changes the _freeze function to include distinguishing metadata (such as dtype for NumPy arrays and mode/palette for PIL images) in cache key generation.
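The following is an added example, not code from langgraph or from this advisory. It models the weakness the Executive Summary describes (a cache key built only from type, raw bytes and shape) next to a hardened key that also covers dtype, mode and palette, and it runs the test the Detection Guidance suggests: feed inputs that share raw bytes but differ in metadata and see whether the cache conflates them. FakeArray, FakeImage, weak_cache_key, fixed_cache_key, TaskResultCache and collision_check are all hypothetical names constructed for this example; the real _freeze implementation is not reproduced here.

```python
import hashlib
from dataclasses import dataclass
from typing import Any, Callable, Dict, Tuple

# Constructed stand-ins for a NumPy array and a PIL image. They carry only the
# state the advisory talks about (raw bytes, shape/size, dtype, mode, palette)
# so the example runs offline without numpy or Pillow installed.
@dataclass(frozen=True)
class FakeArray:
    data: bytes
    shape: Tuple[int, ...]
    dtype: str

@dataclass(frozen=True)
class FakeImage:
    data: bytes
    size: Tuple[int, int]
    mode: str
    palette: Tuple[int, ...] = ()

def _digest(parts: Tuple[Any, ...]) -> str:
    """Hash a sequence of key parts with length-prefix framing so adjacent
    parts cannot run into each other (b'ab'+b'c' vs b'a'+b'bc')."""
    h = hashlib.sha256()
    for part in parts:
        enc = repr(part).encode()
        h.update(len(enc).to_bytes(4, "big"))
        h.update(enc)
    return h.hexdigest()

def weak_cache_key(obj: Any) -> str:
    """Hypothetical model of the reported weakness: the key covers only the
    object's type, raw bytes and shape/size; dtype, mode and palette are left out."""
    if isinstance(obj, FakeArray):
        return _digest((type(obj).__name__, obj.data, obj.shape))
    if isinstance(obj, FakeImage):
        return _digest((type(obj).__name__, obj.data, obj.size))
    return _digest((type(obj).__name__, repr(obj)))

def fixed_cache_key(obj: Any) -> str:
    """Hypothetical hardened variant: the metadata that changes how the bytes
    are interpreted is part of the key, so equal bytes with a different
    dtype, mode or palette no longer share a key."""
    if isinstance(obj, FakeArray):
        return _digest((type(obj).__name__, obj.data, obj.shape, obj.dtype))
    if isinstance(obj, FakeImage):
        return _digest((type(obj).__name__, obj.data, obj.size, obj.mode, obj.palette))
    return _digest((type(obj).__name__, repr(obj)))

class TaskResultCache:
    """Minimal memoising cache: the first call computes, later calls whose
    key matches return the stored result without running the task again."""
    def __init__(self, key_fn: Callable[[Any], str]) -> None:
        self.key_fn = key_fn
        self.store: Dict[str, Any] = {}
        self.hits = 0

    def get_or_compute(self, task: Callable[[Any], Any], arg: Any) -> Any:
        key = self.key_fn(arg)
        if key in self.store:
            self.hits += 1
            return self.store[key]
        result = task(arg)
        self.store[key] = result
        return result

def describe(arr: FakeArray) -> str:
    """A task whose correct answer depends on the metadata the weak key ignores."""
    return f"{arr.dtype} array of shape {arr.shape}"

def collision_check(key_fn: Callable[[Any], str]) -> Dict[str, bool]:
    """Detection test: constructed inputs with identical raw bytes but different
    metadata. True means the second input wrongly reused the first one's result
    (arrays) or shares a key with it (images)."""
    zero8 = bytes(8)  # constructed: 8 zero bytes, valid as one int64 or one float64
    arrays = (FakeArray(zero8, (1,), "int64"), FakeArray(zero8, (1,), "float64"))
    pixel = b"\x07"   # constructed: one pixel, greyscale vs palette index
    images = (FakeImage(pixel, (1, 1), "L"),
              FakeImage(pixel, (1, 1), "P", palette=(255, 0, 0)))
    cache = TaskResultCache(key_fn)
    first = cache.get_or_compute(describe, arrays[0])
    second = cache.get_or_compute(describe, arrays[1])
    return {
        "array_dtype_collision": first == second,
        "image_mode_collision": key_fn(images[0]) == key_fn(images[1]),
    }

if __name__ == "__main__":
    print("weak key :", collision_check(weak_cache_key))
    print("fixed key:", collision_check(fixed_cache_key))
```

With the weak key, the float64 array is served the cached "int64 array of shape (1,)" result, which is the cross-input reuse the Impact Analysis warns about; with the fixed key, both collision flags are False. The same harness can be pointed at a real cache key function in your environment to confirm whether it distinguishes such inputs.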

Until the fix is accepted and released, avoid relying on the default cache key function for inputs that can have identical raw bytes but different metadata.

If possible, disable or limit shared caching mechanisms (like InMemoryCache, Redis, or SQLite) in multi-user deployments to reduce the risk of cache collisions leading to security bypasses.

Monitor the official langchain-ai langgraph repository for the acceptance of the pull request and update to the fixed version as soon as it becomes available.

Compliance Impact

The vulnerability in langchain-ai langgraph causes cache key collisions due to weak hashing, which can lead to security bypasses such as moderation evasion or cross-request result reuse in multi-user deployments with shared caches.

Such security bypasses and unintended data sharing could affect compliance with standards and regulations like GDPR or HIPAA, which require data integrity, confidentiality, and proper access controls.

However, the provided information does not explicitly describe the direct effects on compliance with these regulations.
