Detections
Analytics

LangChain Core < 1.2.22 Path Traversal (GHSA-qh6h-p6c9-ff54)

high Nessus Plugin ID 304816

Synopsis

The remote host is affected by a path traversal vulnerability.

Description

The version of LangChain Core installed on the remote host is prior to 1.2.22. It is, therefore, affected by a path traversal vulnerability:

 - Multiple functions in langchain_core.prompts.loading read files from paths embedded in deserialized config dicts without validating against directory traversal or absolute path injection. When an application passes user-influenced prompt configurations to load_prompt() or load_prompt_from_config(), an attacker can read arbitrary files on the host filesystem, constrained only by file-extension checks. (CVE-2026-34070)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to LangChain Core version 1.2.22 or later.

See Also

http://www.nessus.org/u?a13ea011

Plugin Details

Severity: High

ID: 304816

File Name: langchain_core_CVE-2026-34070.nasl

Version: 1.1

Type: Local

Published: 4/3/2026

Updated: 4/3/2026

Configuration: Enable thorough checks (optional)

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

CVSS Score Source: CVE-2026-34070

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

CPE: cpe:/a:langchain-ai:langchain-core

Required KB Items: installed_sw/LangChain-Core

Patch Publication Date: 3/26/2026

Vulnerability Publication Date: 3/26/2026

Reference Information

CVE: CVE-2026-34070