CVE-2025-68664 CRITICAL

CVE-2025-68664: LangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs

Vendor Langchain-Ai
Product langchain
Weakness CWE-502 · Deserialization of Untrusted Data
Published December 23, 2025
Last update December 24, 2025

CVSS base score

9.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Scope Changed
Confidentiality High
Integrity Low
Availability None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N

What the vulnerability does

01Description

LangChain is a framework for building agents and LLM-powered applications. Prior to versions 0.3.81 and 1.2.5, a serialization injection vulnerability exists in LangChain's dumps() and dumpd() functions. When these functions serialize free-form dictionaries, they do not escape dictionaries that contain an 'lc' key. The 'lc' key is reserved by LangChain to mark serialized objects, and the matching loads()/load() reviver treats any dictionary with that structure as an object to reconstruct. If user-controlled data carrying this key structure is serialized and later loaded back, it is revived as a legitimate LangChain object rather than returned as plain user data. Because the loader resolves serialized references of the 'secret' type against the secrets it has been given, a crafted reference can cause the loader to substitute a secret value in place of the attacker's data, which is the secret-extraction path named in the title. This issue has been patched in versions 0.3.81 and 1.2.5.

Key dates

02Disclosure timeline

December 23, 2025 CVE published
December 24, 2025 Record updated