PT-2026-23069 · Unknown+1 · Kubernetes+2

Liad-Miggo · Published 2026-03-04 · Updated 2026-03-16
CVE-2026-25750
CVSS v4.0: 8.5 (High)
Vector: AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: Langchain Helm Charts versions prior to 0.12.71
Description: Langchain Helm Charts, used for deploying Langchain applications on Kubernetes, had a flaw where a specially crafted link could lead to the theft of authentication tokens. This allowed an attacker to impersonate a user and gain access to LangSmith resources. The attack required convincing a user to click a malicious link, transmitting their bearer token, user ID, and workspace ID to an attacker-controlled server. The stolen tokens were valid for approximately 5 minutes. The issue affected both LangSmith Cloud and self-hosted deployments. The vulnerability stemmed from a lack of validation of the baseUrl parameter, allowing tokens to be sent to unauthorized servers.
Recommendations: Upgrade to version 0.12.71 or later to implement validation requiring user-defined allowed origins for the baseUrl parameter.
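As an added illustration, not code from the Langchain Helm Charts or LangSmith projects, this shows what an allowed-origins check for a link-supplied baseUrl looks like: the origin (scheme, host, port) parsed from the link is compared exactly against a user-defined allowlist before any bearer token is sent, so lookalike hosts, userinfo tricks and bare prefix matches are rejected. The allowlist values and function names are assumptions.

```javascript
// Added example, not code from the Langchain Helm Charts or LangSmith projects.
// The allowlist values and function names are assumptions for illustration.

// User-defined allowed origins (constructed sample values). Each entry is
// normalised through the same parser as the candidate, so "https://host:443"
// and "https://HOST" compare equal to "https://host".
const ALLOWED_ORIGINS = [
  "https://api.smith.langchain.com",
  "https://langsmith.internal.example.com:8443",
];

// Parse a URL and return its origin (scheme + host + port), or null when the
// input does not parse or is not an https URL. The WHATWG URL parser lowercases
// the host, drops the default port and separates userinfo from the host, so
// "https://api.smith.langchain.com@evil.example/" yields "https://evil.example".
function originOf(raw) {
  let url;
  try {
    url = new URL(raw);
  } catch (e) {
    return null; // relative or malformed input such as "//evil.example/"
  }
  if (url.protocol !== "https:") return null; // assumption: TLS-only endpoints
  return url.origin;
}

// Exact-origin comparison against the allowlist. Path, query and fragment are
// ignored, so a trailing "/api/v1" on the candidate does not matter.
function isAllowedBaseUrl(candidate, allowedOrigins = ALLOWED_ORIGINS) {
  const origin = originOf(candidate);
  if (origin === null) return false;
  return allowedOrigins.some((entry) => originOf(entry) === origin);
}

// The common pitfall: a string prefix check. It accepts
// "https://api.smith.langchain.com.evil.example/" because the trusted host is a
// prefix of the foreign host name. Included only to contrast with the
// origin-based check above; do not use it for validation.
function naivePrefixCheck(candidate, allowedOrigins = ALLOWED_ORIGINS) {
  return allowedOrigins.some((entry) => candidate.startsWith(entry));
}

// Decide which base URL a token-bearing request may use: the link-supplied
// value only when it passes the allowlist, otherwise the configured default.
function resolveBaseUrl(linkParam, defaultBaseUrl = ALLOWED_ORIGINS[0]) {
  return isAllowedBaseUrl(linkParam) ? linkParam : defaultBaseUrl;
}
```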

Weakness Enumeration: Special Elements Injection

Related Identifiers

CVE-2026-25750
GHSA-R8WQ-JWGW-P74G

Affected Products

Kubernetes
Langsmith
Langchain Helm Charts