SSRF Vulnerability in LangChain Framework by LangChain AI
CVE-2026-41488

3.1 LOW

Key Information:

Vendor: LangChain AI
CVE Published: 24 April 2026

What is CVE-2026-41488?

LangChain, a framework for building agent-based applications with large language models, contains a security vulnerability in the langchain-openai component prior to version 1.1.14. The _url_to_size() helper, used when counting tokens for images, implements a flawed check against Server-Side Request Forgery (SSRF): it validates the URL and then fetches it in a separate operation, which opens a Time-of-Check to Time-of-Use (TOCTOU) window. An adversary who controls a hostname can exploit this by having it resolve to a public IP during the validation step and then to a private or localhost IP address during the fetch.
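The defensive pattern that closes this window is to resolve the hostname exactly once, validate the resolved address, and then fetch by that pinned address (sending the original hostname in the Host header) so the check and the use refer to the same IP. The following is an added illustration, not code from langchain-openai or its fix; `pin_url`, `is_public_ip` and the injectable `resolver` parameter are names chosen here for the example.

```python
import ipaddress
import socket
from urllib.parse import urlsplit, urlunsplit


def is_public_ip(ip_str: str) -> bool:
    """True only for globally routable unicast addresses (v4 or v6)."""
    ip = ipaddress.ip_address(ip_str)
    return not (
        ip.is_private or ip.is_loopback or ip.is_link_local
        or ip.is_multicast or ip.is_reserved or ip.is_unspecified
    )


def pin_url(url: str, resolver=socket.gethostbyname):
    """Resolve the URL's host once, reject non-public results, and return
    (url_rewritten_to_the_pinned_ip, original_hostname).

    The caller must fetch the returned URL with a Host header (and TLS SNI /
    certificate check) set to original_hostname, and must not follow
    redirects, which would re-resolve a new host outside this check.
    `resolver` is injectable so the check can be exercised without DNS;
    the default, socket.gethostbyname, returns a single IPv4 string.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"unsupported scheme: {parts.scheme!r}")
    host = parts.hostname
    if host is None:
        raise ValueError("URL has no host")

    # Exactly one resolution: the address validated below is the address
    # embedded in the URL that is fetched, so a later DNS answer is irrelevant.
    ip = resolver(host)
    if not is_public_ip(ip):
        raise ValueError(f"{host} resolves to non-public address {ip}")

    literal = f"[{ip}]" if ":" in ip else ip  # IPv6 literals need brackets
    netloc = literal if parts.port is None else f"{literal}:{parts.port}"
    pinned = urlunsplit((parts.scheme, netloc, parts.path, parts.query, ""))
    return pinned, host
```

A DNS answer that changes between check and use has no effect here because the fetch never performs a second lookup; an IP-literal URL is also covered, since the resolver returns the literal unchanged and it is validated the same way.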

Affected Version(s)

langchain-openai < 1.1.14

References

CVSS V3.1

Score:
3.1
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability reserved
