CVE-2026-40087— LangChain 安全漏洞

LangChain has incomplete f-string validation in prompt templates

LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string templates and formatted them without enforcing the same attribute-access validation as PromptTemplate. In particular, DictPromptTemplate and ImagePromptTemplate could accept templates containing attribute access or indexing expressions and subsequently evaluate those expressions during formatting. Second, f-string validation based on parsed top-level field names did not reject nested replacement fields inside format specifiers. In this pattern, the nested replacement field appears in the format specifier rather than in the top-level field name. As a result, earlier validation based on parsed field names did not reject the template even though Python formatting would still attempt to resolve the nested expression at runtime. This vulnerability is fixed in 0.3.84 and 1.2.28.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-1336

LangChain 安全漏洞

LangChain是LangChain开源的一个用于开发由大型语言模型 （LLM） 提供支持的应用程序的框架。 LangChain 0.3.84之前版本和1.2.28之前版本存在安全漏洞，该漏洞源于f字符串提示模板验证不完整，可能导致属性访问或索引表达式在格式化时被求值。

N/A

N/A