CVE-2025-65106

Description

LangChain is a framework for building agents and LLM-powered applications. From versions 0.3.79 and prior and 1.0.0 to 1.0.6, a template injection vulnerability exists in LangChain's prompt template system that allows attackers to access Python object internals through template syntax. This vulnerability affects applications that accept untrusted template strings (not just template variables) in ChatPromptTemplate and related prompt template classes. This issue has been patched in versions 0.3.80 and 1.0.7.

Weakness Type (CWE)

CWE-1336 CWE-1336

References

Other References

https://github.com/langchain-ai/langchain/commit/c4b6ba254e1a49ed91f2e268e6484011c540542a https://github.com/langchain-ai/langchain/commit/fa7789d6c21222b85211755d822ef698d3b34e00 https://github.com/langchain-ai/langchain/security/advisories/GHSA-6qv9-48xg-fc7f

Frequently Asked Questions

What is CVE-2025-65106? +

LangChain is a framework for building agents and LLM-powered applications. From versions 0.3.79 and prior and 1.0.0 to 1.0.6, a template injection vulnerability exists in LangChain's prompt template system that allows attackers to access Python object internals through template syntax. This vulnerability affects applications that accept untrusted template strings (not just template variables) in ChatPromptTemplate and related prompt template classes. This issue has been patched in versions 0.3.80 and 1.0.7.

How do I check if I'm vulnerable to CVE-2025-65106? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2026-44129

SEPPmail Secure Email Gateway before version 15.0.4 contains a server-side template injection vulnerability in the new GINA UI because an …

CVE-2025-26789

An issue was discovered in Logpoint AgentX before 1.5.0. A vulnerability caused by limited access controls allowed li-admin users to …

CVE-2024-9150

Report generation functionality in Wyn Enterprise allows for code inclusion, but not sufficiently limits what code might be included. An …

CVE-2025-34300

A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior to 9.16.14 via the ciwweb.pl http://ciwweb.pl/ Perl web …

CVE-2024-58293

Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated administrators to execute template expressions in multiple form input …

CVE-2024-58303

FoF Pretty Mail 1.1.2 contains a server-side template injection vulnerability that allows administrative users to inject malicious code into email …