CVE-2025-6984 | langchain-ai LangChain up to 0.3.63 EverNoteLoader etree.iterparse xml external entity reference

Inserito da Angelo Barbosa | Set 4, 2025 | CVE

A vulnerability described as problematic has been identified in langchain-ai LangChain up to 0.3.63. Affected by this issue is the function etree.iterparse of the component EverNoteLoader Component. The manipulation results in xml external entity reference.

This vulnerability was named CVE-2025-6984. The attack may be performed from remote. There is no available exploit.

CVE-2025-6984 | langchain-ai LangChain up to 0.3.63 EverNoteLoader etree.iterparse xml external entity reference

Post correlati

CVE-2024-49694 | imw3 My Wp Brand Plugin up to 1.1.2 on WordPress authorization

CVE-2024-41045 | Linux Kernel up to 6.9.9 bpf_timer_cancel_and_free initialization (7aa5a19279c3/a6fcd19d7eac)

CVE-2025-1357 | Seventh D-Guard up to 20250206 HTTP GET Request path traversal

CVE-2025-61577 | D-Link DIR-816A2 1.10CNB05 dir_setWanWifi statuscheckpppoeuser stack-based overflow