Inadequate Template Validation in LangChain Framework by LangChain AI
CVE-2026-40087

5.3MEDIUM

Key Information:

Vendor

Langchain-ai

Status
Langchain
Vendor
CVE Published:
9 April 2026

What is CVE-2026-40087?

LangChain, a framework for developing agents and LLM-powered applications, suffers from improper validation of f-string templates. Before versions 0.3.84 and 1.2.28, certain prompt template classes, notably DictPromptTemplate and ImagePromptTemplate, permitted the use of f-string templates without enforcing necessary attribute-access validation akin to that of the PromptTemplate. This oversight enabled the evaluation of attribute access and indexing expressions during formatting. Furthermore, pre-existing validations based solely on top-level field names failed to recognize and reject nested replacement fields found within format specifiers. Consequently, Python's formatting mechanism attempted to resolve these nested expressions at runtime, leading to potential security risks. This vulnerability has been addressed in the mentioned versions.

Affected Version(s)

langchain < 0.3.83 < 0.3.83

langchain >= 1.0.0a1, < 1.2.28 < 1.0.0a1, 1.2.28

References

https://github.com/langchain-ai/langchain/security/adviso...
x_refsource_CONFIRM
https://github.com/langchain-ai/langchain/pull/36612
x_refsource_MISC
https://github.com/langchain-ai/langchain/pull/36613
x_refsource_MISC

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.