CVE-2026-45134 | langchain-ai langsmith-sdk pull_prompt/pull_prompt_commit deserialization (GHSA-3644-q5cj-c5c7)

Inserito da Angelo Barbosa | Mag 28, 2026 | CVE

A vulnerability described as critical has been identified in langchain-ai langsmith-sdk. This impacts the function pull_prompt/pull_prompt_commit. Such manipulation leads to deserialization.

This vulnerability is listed as CVE-2026-45134. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is recommended.

CVE-2026-45134 | langchain-ai langsmith-sdk pull_prompt/pull_prompt_commit deserialization (GHSA-3644-q5cj-c5c7)

Post correlati

CVE-2021-47213 | Linux Kernel up to 5.15.4 NFSD nfsd4_decode_bitmap state issue (10c22d9519f3/c0019b7db1d7)

CVE-2025-26524 | Rupeeseed Technology Ventures RupeeWeb prior 66.9 API Endpoint bombing/ improper control of interaction frequency (CIVN-2025-0020)

CVE-2026-38949 | HTMLy 3.1.1 /add/content?type=image cross site scripting

CVE-2025-10210 | yanyutao0402 ChanCMS up to 3.3.0 Api.js search key sql injection