PT-2025-19789

Sch227 · Published 2025-05-05 · Updated 2025-08-01 · CVE-2025-46726

CVSS v3.1: 9.4 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Langroid versions prior to 0.53.4

Description: An LLM application that uses the XMLToolMessage class may be exposed to untrusted XML input, potentially resulting in Denial of Service (DoS) and/or disclosure of local files containing sensitive information. The XMLToolMessage class uses lxml without safeguards, making it vulnerable to quadratic blowup attacks and, by default, allowing external entity declarations that reference local files to be processed.

Recommendations: For versions prior to 0.53.4, update to version 0.53.4 to fix the issue. As a temporary workaround, consider disabling the use of the XMLToolMessage class until the update is applied. Restrict access to the lxml library to minimize the risk of exploitation. Avoid using the XMLToolMessage class with untrusted XML input until the issue is resolved.
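The root cause described above is an XML parser that accepts entity declarations from untrusted input. One defensive measure, shown here as an added example that is not Langroid or lxml code, is a preflight gate using the standard-library expat parser: it refuses any document that declares a DOCTYPE or entities, or exceeds a size cap, before the document is handed to the tool's lxml parser. The byte cap, the sample documents and the function name are constructed for this example.

```python
# Added example (not Langroid or lxml code): a stdlib preflight gate that refuses
# untrusted XML carrying a DOCTYPE or entity declarations before it reaches an
# lxml-based tool parser such as the one described in the advisory.
import xml.parsers.expat

# Constructed limit: tool-call payloads produced by an LLM should be small.
MAX_BYTES = 256 * 1024


def check_untrusted_xml(data: bytes, max_bytes: int = MAX_BYTES) -> tuple[bool, str]:
    """Return (ok, reason). ok is True only if the document is well-formed,
    within the size cap, and declares no DTD and no entities.

    Without entity declarations the expanded document can be no larger than
    the input, so the byte cap also bounds quadratic-blowup expansion, and
    there is nothing for an external entity (XXE) reference to resolve."""
    if len(data) > max_bytes:
        return False, f"payload of {len(data)} bytes exceeds cap of {max_bytes}"

    parser = xml.parsers.expat.ParserCreate()
    findings: list[str] = []

    # expat reports the DOCTYPE and each entity declaration before any
    # reference to them is expanded, so the findings are collected up front.
    def on_doctype(name, system_id, public_id, has_internal_subset):
        findings.append(f"DOCTYPE {name!r} declared")

    def on_entity(name, is_parameter, value, base, system_id, public_id, notation):
        kind = "external" if system_id else "internal"
        findings.append(f"{kind} entity {name!r} declared")

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    try:
        parser.Parse(data, True)
    except xml.parsers.expat.ExpatError as exc:
        return False, f"malformed XML: {exc}"
    if findings:
        return False, "; ".join(findings)
    return True, "ok"


# Constructed samples: a benign tool call and two that the gate must reject.
BENIGN = b"<tool><name>search</name><query>lxml hardening</query></tool>"
INTERNAL_ENTITY = (b'<!DOCTYPE tool [<!ENTITY a "aaaaaaaa">]>'
                   b"<tool>&a;&a;&a;&a;</tool>")
EXTERNAL_ENTITY = (b'<!DOCTYPE tool [<!ENTITY x SYSTEM "file:///local/secret.txt">]>'
                   b"<tool>&x;</tool>")

if __name__ == "__main__":
    for label, doc in [("benign", BENIGN), ("internal", INTERNAL_ENTITY),
                       ("external", EXTERNAL_ENTITY)]:
        print(label, check_untrusted_xml(doc))
```

Documents that pass the gate can then be parsed with entity resolution disabled; the gate is a second layer, not a replacement for hardening the lxml parser itself.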

Tags: Exploit · Fix · DoS · XXE

Weakness Enumeration

Related Identifiers

BDU:2025-14560
CVE-2025-46726
GHSA-PW95-88FG-3J6F

Affected Products

Langroid
Lxml