LangChain serialization injection vulnerability enables secret extraction
- Severity: High
Description
A serialization injection vulnerability exists in LangChain JS's toJSON() method (and therefore also when objects are stringified with JSON.stringify()). The method did not escape objects containing an 'lc' key when serializing free-form data in kwargs. The 'lc' key is used internally by LangChain to mark serialized objects, so unescaped free-form data carrying that key can be mistaken for an internally serialized object.
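As an added defensive illustration (not LangChain's own code or its fix): a helper that scans free-form kwargs for the reserved 'lc' marker before calling JSON.stringify(), so that untrusted data cannot pass as an internally serialized object. The 'lc' key name comes from the advisory; the function names and the reject-on-collision behaviour are assumptions for this example.

```javascript
// Added defensive example, not LangChain's code. The reserved marker name
// 'lc' is taken from the advisory; helper names and the reject-on-collision
// policy are assumptions chosen for illustration.
const RESERVED_KEY = "lc";

// Recursively collect JSON-style paths of every object (at any depth) that
// carries the reserved marker key. Arrays are walked element by element.
function findReservedMarkers(value, path = "$", found = []) {
  if (Array.isArray(value)) {
    value.forEach((item, i) => findReservedMarkers(item, `${path}[${i}]`, found));
  } else if (value !== null && typeof value === "object") {
    if (Object.prototype.hasOwnProperty.call(value, RESERVED_KEY)) {
      found.push(path);
    }
    for (const [k, v] of Object.entries(value)) {
      findReservedMarkers(v, `${path}.${k}`, found);
    }
  }
  return found;
}

// Serialize free-form kwargs only after checking for marker collisions.
// Returns the JSON string, or throws if any nested object could be
// misread as an internally serialized object when loaded back.
function safeStringifyKwargs(kwargs) {
  const hits = findReservedMarkers(kwargs);
  if (hits.length > 0) {
    throw new Error(
      `reserved '${RESERVED_KEY}' key in free-form data at ${hits.join(", ")}`
    );
  }
  return JSON.stringify(kwargs);
}

// Constructed sample inputs: one clean, one carrying the marker key.
const benignKwargs = { prompt: "hello", metadata: { tags: ["a", "b"] } };
const suspiciousKwargs = { prompt: "hello", metadata: { lc: 1, note: "untrusted" } };
```

A production fix would escape the marker rather than reject the input, but rejecting makes the collision visible in logs and tests.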
Recommendation
Update the langchain package to the latest compatible version. Version details:
- Affected version(s): **< 0.3.37**; **>= 1.0.0, < 1.2.3**
- Patched version(s): **0.3.37**; **1.2.3**
References
Related Issues
- LangChain serialization injection vulnerability enables secret extraction (GHSA-r399-636x-v7f6) - CVE-2025-68665
- Tags:
- npm
- langchain
Last updated on February 20, 2026