LangChain Community: redirect chaining can lead to SSRF bypass via RecursiveUrlLoader
Severity: Medium
Description
A redirect-based Server-Side Request Forgery (SSRF) bypass exists in RecursiveUrlLoader in @langchain/community. The loader validates the initial URL but allows the underlying fetch to follow redirects automatically, which permits a transition from a safe public URL to an internal or metadata endpoint without revalidation.
Recommendation
Update the @langchain/community package to the latest compatible version. Version details:
- Affected version(s): <= 1.1.17
- Patched version(s): 1.1.18
References
Related Issues
- @langchain/community affected by SSRF Bypass in RecursiveUrlLoader via insufficient URL origin validation - CVE-2026-26019
- Parse Server has role escalation and CLP bypass via direct `_Join` table write - CVE-2026-30966
- ApostropheCMS MFA/TOTP Bypass via Incorrect MongoDB Query in Bearer Token Middleware - CVE-2026-32730
- Parse Server has a password reset token single-use bypass via concurrent requests - CVE-2026-32943
Tags: npm, @langchain/community
Last updated on February 25, 2026