LangChain & LangGraph Hit by Three Critical Security Flaws — Patch Now

Security researchers have disclosed three serious vulnerabilities in LangChain and LangGraph, the widely used Python libraries behind AI applications at thousands of enterprises. The most severe of the three, CVE-2025-68664, carries a CVSS score of 9.3 and stems from deserialization of untrusted data: when an application reconstructs objects from input it does not control, an attacker who can get crafted input into the pipeline may be able to execute arbitrary code or exfiltrate sensitive information without any further foothold.
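To make the deserialization class concrete, the following added example (not LangChain's code, and not the CVE's actual payload) models a loader that turns tagged JSON back into live values. The tag name `__tag__`, the `secret` tag, the `DEMO_API_KEY` variable and the sample chat message are all constructed for the illustration. The unsafe loader honours tags wherever they appear, so a tag smuggled inside user-supplied metadata resolves an environment secret; the safe loader treats untrusted input as inert data and rejects any tagged object.

```python
"""Untrusted-data deserialization: vulnerable pattern beside a hardened one.

Added illustration of the vulnerability class, not LangChain code. The tag
names, the env-var lookup and the payload below are constructed for the demo.
"""
import json
import os

# Constructed sample secret living in the process environment.
os.environ.setdefault("DEMO_API_KEY", "sk-demo-0000")


def unsafe_load(obj):
    """Vulnerable: every dict carrying the tag is interpreted as an instruction.

    A 'secret' tag is resolved from the environment, no matter whether the
    dict came from the application itself or from an untrusted message.
    """
    if isinstance(obj, dict):
        if obj.get("__tag__") == "secret":
            return os.environ.get(obj["name"], "")
        return {k: unsafe_load(v) for k, v in obj.items()}
    if isinstance(obj, list):
        return [unsafe_load(v) for v in obj]
    return obj


def safe_load(obj, _depth=0):
    """Hardened: untrusted input is plain data, never instructions.

    Tagged dicts are rejected instead of interpreted, only JSON scalar types
    are accepted, and nesting depth is bounded to avoid recursion abuse.
    """
    if _depth > 32:
        raise ValueError("nesting too deep")
    if isinstance(obj, dict):
        if "__tag__" in obj:
            raise ValueError("tagged object found in untrusted input")
        return {str(k): safe_load(v, _depth + 1) for k, v in obj.items()}
    if isinstance(obj, list):
        return [safe_load(v, _depth + 1) for v in obj]
    if obj is None or isinstance(obj, (str, int, float, bool)):
        return obj
    raise ValueError(f"unsupported type {type(obj).__name__}")


# Constructed attacker payload: a chat message whose metadata smuggles a tag.
UNTRUSTED_MESSAGE = json.dumps({
    "role": "user",
    "content": "hello",
    "metadata": {"__tag__": "secret", "name": "DEMO_API_KEY"},
})


def demo():
    """Return (value leaked by unsafe_load, whether safe_load blocked it)."""
    parsed = json.loads(UNTRUSTED_MESSAGE)
    leaked = unsafe_load(parsed)["metadata"]
    try:
        safe_load(parsed)
        blocked = False
    except ValueError:
        blocked = True
    return leaked, blocked


if __name__ == "__main__":
    print(demo())
```

The design point is the boundary: anything that resolves tags into secrets or objects must only ever run over data the application produced itself, and data crossing in from users, tools or models has to be parsed with a loader that cannot interpret tags at all.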

The second flaw, CVE-2026-34070, is a path traversal bug in the prompt-loading API: a caller-controlled template name is used to build a filesystem path without being confined to the intended directory, so an attacker can step outside it and read arbitrary files from the host. A third vulnerability rounds out the disclosure, exposing full conversation history that applications may have assumed was safely isolated. Together these issues affect the langchain-core, langchain, and langgraph packages, which collectively see millions of weekly downloads on PyPI.
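The traversal pattern and the check that closes it, as an added example that is not LangChain's prompt loader: the functions `load_prompt_unsafe` and `load_prompt_safe`, the `prompts` directory layout and the `secret.txt` file are constructed here. The unsafe version joins the caller-supplied name onto the base directory and reads whatever results; the safe version resolves the path first (collapsing `..` and following symlinks) and refuses anything that does not land inside the base directory as a regular template file.

```python
"""Prompt-template loading confined to a base directory.

Added example, not LangChain's loader: the function names, the directory
layout and the file contents below are constructed for the demonstration.
"""
from pathlib import Path
import tempfile

ALLOWED_SUFFIXES = {".txt", ".json", ".yaml"}


def load_prompt_unsafe(base_dir, name):
    """Vulnerable: the name is joined with no check, so '../' segments or an
    absolute path escape base_dir entirely."""
    return Path(base_dir, name).read_text()


def load_prompt_safe(base_dir, name):
    """Hardened: canonicalise, then require the target to stay inside base_dir.

    resolve() collapses '..' and follows symlinks, so a symlink planted inside
    the prompt directory but pointing outside it is rejected as well.
    """
    base = Path(base_dir).resolve()
    target = (base / name).resolve()
    if target == base or not target.is_relative_to(base):
        raise PermissionError(f"prompt name escapes prompt directory: {name!r}")
    if target.suffix not in ALLOWED_SUFFIXES or not target.is_file():
        raise FileNotFoundError(f"not a prompt template: {name!r}")
    return target.read_text()


def demo():
    """Return (what the unsafe loader leaks, a legitimate load, whether the
    safe loader blocked the traversal)."""
    # Constructed layout: a prompts dir and a sibling secret outside it.
    root = Path(tempfile.mkdtemp())
    prompts = root / "prompts"
    prompts.mkdir()
    (prompts / "summarize.txt").write_text("Summarize: {text}")
    (root / "secret.txt").write_text("TOP-SECRET")

    leaked = load_prompt_unsafe(prompts, "../secret.txt")
    legit = load_prompt_safe(prompts, "summarize.txt")
    try:
        load_prompt_safe(prompts, "../secret.txt")
        blocked = False
    except PermissionError:
        blocked = True
    return leaked, legit, blocked


if __name__ == "__main__":
    print(demo())
```

Checking the resolved path rather than the raw string matters: string filters for `..` miss absolute paths, URL-encoded variants and symlinks, while `Path.resolve()` followed by `is_relative_to()` (Python 3.9+) evaluates the path the operating system will actually open.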

The good news is that patches are already available. The bad news is that the window between disclosure and active exploitation is typically short for high-severity CVEs once proof-of-concept details are public. Any production application built on these packages should treat this as an immediate dependency update, not a scheduled maintenance item. Developers are advised to pin langchain-core, langchain, and langgraph to the patched versions, audit how their applications handle environment variables and other secrets, and review how external prompt templates are located and loaded.

Read the full article at The Hacker News →