PT-2025-52859 · Langchain · Langchain
0Xn3Va +2 · Published 2025-12-23 · Updated 2026-05-22 · CVE-2025-68664
CVSS v3.1: 9.3 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Name of the Vulnerable Software and Affected Versions: LangChain versions prior to 0.3.81 and prior to 1.2.5

Description: A serialization injection vulnerability exists in LangChain's dumps() and dumpd() functions. When serializing data, these functions do not properly escape dictionaries that contain an 'lc' key, the key LangChain uses internally to mark its own serialized objects. User-controlled data that carries this key structure is therefore treated as a legitimate LangChain object during deserialization rather than as plain user data. This allows attackers to potentially extract sensitive information, such as environment variables, and potentially execute arbitrary code. The vulnerability can be triggered through prompt injection via LLM responses and can affect various components, including streaming operations and cached data.

Recommendations: Upgrade to LangChain version 0.3.81 or 1.2.5, or later. If upgrading is not immediately possible, restrict deserialization to a predefined allowlist of trusted objects and disable automatic loading of secrets from environment variables. Treat all LLM output as untrusted data, especially wherever it is serialized or deserialized.
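The following Python is an added example, not code from the advisory or from the LangChain project. It shows what the allowlist-based gate from the recommendations looks like in practice: before any JSON derived from an LLM response or a cache is handed to a loader, it is walked for dictionaries carrying the 'lc' marker, each one is checked against an allowlist of expected object ids, 'secret' references are refused outright, and any remaining marker can be neutralized into an opaque string. The sample payload, the helper names and the allowlist contents are constructed for illustration and do not call LangChain itself.

```python
import json

# Constructed sample payload (not from the advisory): an LLM-style response in
# which ordinary fields sit next to two dicts that carry the 'lc' marker
# LangChain uses to tag its own serialized objects. The first names an object
# the application legitimately expects; the second is a 'secret' reference
# that must never be honoured when it arrives from an untrusted source.
SAMPLE_DATA = {
    "question": "What is the capital of France?",
    "metadata": {
        "lc": 1,
        "type": "constructor",
        "id": ["langchain", "prompts", "chat", "ChatPromptTemplate"],
        "kwargs": {},
    },
    "history": [{"role": "user", "content": "hi"}],
    "attachments": [
        {"lc": 1, "type": "secret", "id": ["EXAMPLE_API_KEY"]},  # constructed
    ],
}
UNTRUSTED_JSON = json.dumps(SAMPLE_DATA)

# Hypothetical allowlist: the fully qualified ids (LangChain's 'id' list) of
# the only objects this application is prepared to deserialize.
ALLOWED_IDS = {
    ("langchain", "prompts", "chat", "ChatPromptTemplate"),
}


def find_lc_markers(obj, path="$"):
    """Walk a decoded JSON value; return (path, dict) for every dict with an 'lc' key."""
    found = []
    if isinstance(obj, dict):
        if "lc" in obj:
            found.append((path, obj))
        for key, value in obj.items():
            found.extend(find_lc_markers(value, f"{path}.{key}"))
    elif isinstance(obj, list):
        for index, value in enumerate(obj):
            found.extend(find_lc_markers(value, f"{path}[{index}]"))
    return found


def classify_marker(marker, allowed_ids):
    """Label one lc-marked dict: 'allowed', 'disallowed' or 'malformed'.

    Secret references are refused outright: resolving them from untrusted
    input is the environment-variable exposure the advisory describes.
    """
    if marker.get("type") == "secret":
        return "disallowed"
    obj_id = marker.get("id")
    if not isinstance(obj_id, list) or not all(isinstance(p, str) for p in obj_id):
        return "malformed"
    return "allowed" if tuple(obj_id) in allowed_ids else "disallowed"


def audit_untrusted(json_text, allowed_ids=frozenset(ALLOWED_IDS)):
    """Parse untrusted JSON and classify every lc-marked dict inside it.

    Returns (report, rejected): all (path, label) pairs, and the paths that
    must not be handed to a LangChain loader.
    """
    data = json.loads(json_text)
    report = [(path, classify_marker(m, allowed_ids)) for path, m in find_lc_markers(data)]
    rejected = [path for path, label in report if label != "allowed"]
    return report, rejected


def neutralize_lc_markers(obj):
    """Return a copy in which every lc-marked dict becomes an opaque JSON string.

    This stands in for the escaping the advisory says dumps()/dumpd() failed
    to perform: once the marker is plain text, a loader cannot mistake user
    data for a LangChain object.
    """
    if isinstance(obj, dict):
        if "lc" in obj:
            return {"__untrusted_lc_payload__": json.dumps(obj, sort_keys=True)}
        return {key: neutralize_lc_markers(value) for key, value in obj.items()}
    if isinstance(obj, list):
        return [neutralize_lc_markers(value) for value in obj]
    return obj


if __name__ == "__main__":
    report, rejected = audit_untrusted(UNTRUSTED_JSON)
    for path, label in report:
        print(f"{label:10} {path}")
    print("rejected:", rejected)
    print("markers after neutralizing:", find_lc_markers(neutralize_lc_markers(SAMPLE_DATA)))
```

Run against the constructed payload, the audit accepts the prompt-template marker at `$.metadata` and rejects the secret reference at `$.attachments[0]`; with an empty allowlist both are rejected, which is the safe default for data that should never contain serialized objects at all. Neutralizing the payload leaves no 'lc' markers for a loader to act on.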

Exploit · Fix · RCE

Weakness Enumeration: Deserialization of Untrusted Data

Related Identifiers: CVE-2025-68664, GHSA-C67J-W6G6-Q2CM

Affected Products: Langchain