CVE-2026-27795

LangChain is a framework for building LLM-powered applications. Prior to version 1.1.8, a redirect-based Server-Side Request Forgery (SSRF) bypass exists in `RecursiveUrlLoader` in `@langchain/community`. The loader validates the initial URL but allows the underlying fetch to follow redirects automatically, which permits a transition from a safe public URL to an internal or metadata endpoint without revalidation. This is a bypass of the SSRF protections introduced in 1.1.14 (CVE-2026-26019). Users should upgrade to `@langchain/community` 1.1.18, which validates every redirect hop by disabling automatic redirects and re-validating `Location` targets before following them. In this version, automatic redirects are disabled (`redirect: "manual"`), each 3xx `Location` is resolved and validated with `validateSafeUrl()` before the next request, and a maximum redirect limit prevents infinite loops.
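The following JavaScript is an added example, not code from langchainjs, and its `validateSafeUrl` is this example's own implementation rather than the project's function. It shows the per-hop pattern the advisory describes: automatic redirects are disabled with `redirect: "manual"`, each 3xx `Location` is resolved against the URL that produced it and validated before the next request, and a redirect limit stops loops. The blocked-host rules, the limit of 5 and the in-memory fake fetch used for offline demonstration are assumptions constructed for this example.

```javascript
// Added example (not langchainjs code): follow redirects one hop at a time
// and validate every hop, instead of letting fetch follow them silently.

const DEFAULT_MAX_REDIRECTS = 5; // assumed limit; the advisory gives no number

// Hostnames that must never be fetched, however they were reached (assumed list).
const BLOCKED_HOSTNAMES = new Set(["localhost", "metadata.google.internal"]);

// True for IPv4 literals in unspecified, loopback, private and link-local
// ranges (link-local covers the cloud metadata address 169.254.169.254).
function isBlockedIPv4(host) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return false;
  const a = Number(m[1]);
  const b = Number(m[2]);
  return (
    a === 0 || a === 10 || a === 127 ||
    (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168)
  );
}

// Throws if the URL must not be fetched; returns the normalised URL otherwise.
function validateSafeUrl(urlString) {
  const url = new URL(urlString);
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    throw new Error(`blocked scheme: ${url.protocol}`);
  }
  const host = url.hostname.replace(/^\[|\]$/g, ""); // strip IPv6 brackets
  if (BLOCKED_HOSTNAMES.has(host) || host === "::1" || host === "::" || isBlockedIPv4(host)) {
    throw new Error(`blocked host: ${url.hostname}`);
  }
  return url.href;
}

// Resolve a 3xx Location (relative or absolute) against the current URL and
// validate the result, so a redirect cannot escape to an internal address.
function resolveRedirectTarget(currentUrl, location) {
  return validateSafeUrl(new URL(location, currentUrl).href);
}

// Manual redirect loop: redirect: "manual" stops fetch from hopping on its
// own; every target is validated before it is requested; the hop counter
// bounds the chain so a redirect loop cannot run forever.
async function fetchWithValidatedRedirects(
  startUrl,
  fetchImpl = globalThis.fetch,
  maxRedirects = DEFAULT_MAX_REDIRECTS
) {
  let current = validateSafeUrl(startUrl);
  for (let hop = 0; hop <= maxRedirects; hop++) {
    const res = await fetchImpl(current, { redirect: "manual" });
    const location = res.headers.get("location");
    if (res.status < 300 || res.status >= 400 || !location) {
      return { response: res, finalUrl: current, hops: hop };
    }
    current = resolveRedirectTarget(current, location);
  }
  throw new Error(`exceeded ${maxRedirects} redirects`);
}

// Constructed in-memory "server" so the example runs offline: maps URLs to
// canned responses shaped like the parts of a fetch Response used above.
function makeFakeFetch(routes) {
  return async (url) => {
    const r = routes[url] || { status: 404 };
    return {
      status: r.status,
      headers: { get: (name) => (r.headers || {})[name.toLowerCase()] ?? null },
    };
  };
}

// Constructed routes: a benign relative redirect, a redirect that points at
// the metadata endpoint, and a self-referencing loop.
const DEMO_ROUTES = {
  "http://example.com/start": { status: 302, headers: { location: "/next" } },
  "http://example.com/next": { status: 200 },
  "http://example.com/evil": { status: 302, headers: { location: "http://169.254.169.254/latest/meta-data/" } },
  "http://example.com/loop": { status: 302, headers: { location: "/loop" } },
};
```

Validating the literal hostname on each hop covers the bypass the advisory describes, but not a public DNS name that resolves to an internal address or changes its answer between checks (DNS rebinding); a production guard should also check the address the socket actually connects to.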
Configurations

Configuration 1

cpe:2.3:a:langchain:langchain_community:*:*:*:*:*:node.js:*:*

History

13 Apr 2026, 14:15

Type / Values Removed / Values Added

References:
  removed: https://github.com/langchain-ai/langchainjs/commit/2812d2b2b9fd9343c4850e2ab906b8cf440975ee (untagged)
  added:   https://github.com/langchain-ai/langchainjs/commit/2812d2b2b9fd9343c4850e2ab906b8cf440975ee - Patch
References:
  removed: https://github.com/langchain-ai/langchainjs/commit/d5e3db0d01ab321ec70a875805b2f74aefdadf9d (untagged)
  added:   https://github.com/langchain-ai/langchainjs/commit/d5e3db0d01ab321ec70a875805b2f74aefdadf9d - Patch
References:
  removed: https://github.com/langchain-ai/langchainjs/pull/9990 (untagged)
  added:   https://github.com/langchain-ai/langchainjs/pull/9990 - Issue Tracking
References:
  removed: https://github.com/langchain-ai/langchainjs/releases/tag/%40langchain%2Fcommunity%401.1.14 (untagged)
  added:   https://github.com/langchain-ai/langchainjs/releases/tag/%40langchain%2Fcommunity%401.1.14 - Release Notes
References:
  removed: https://github.com/langchain-ai/langchainjs/releases/tag/%40langchain%2Fcommunity%401.1.18 (untagged)
  added:   https://github.com/langchain-ai/langchainjs/releases/tag/%40langchain%2Fcommunity%401.1.18 - Release Notes
References:
  removed: https://github.com/langchain-ai/langchainjs/security/advisories/GHSA-gf3v-fwqg-4vh7 (untagged)
  added:   https://github.com/langchain-ai/langchainjs/security/advisories/GHSA-gf3v-fwqg-4vh7 - Not Applicable
References:
  removed: https://github.com/langchain-ai/langchainjs/security/advisories/GHSA-mphv-75cg-56wg (untagged)
  added:   https://github.com/langchain-ai/langchainjs/security/advisories/GHSA-mphv-75cg-56wg - Vendor Advisory
First Time:
  added:   Langchain langchain Community; Langchain
CPE:
  added:   cpe:2.3:a:langchain:langchain_community:*:*:*:*:*:node.js:*:*
Summary:
  added:   (es) LangChain is a framework for building LLM-powered applications. Prior to version 1.1.8, a redirect-based Server-Side Request Forgery (SSRF) bypass exists in `RecursiveUrlLoader` in `@langchain/community`. The loader validates the initial URL but allows the underlying fetch to follow redirects automatically, which permits a transition from a safe public URL to an internal or metadata endpoint without revalidation. This is a bypass of the SSRF protections introduced in 1.1.14 (CVE-2026-26019). Users should upgrade to `@langchain/community` 1.1.18, which validates every redirect hop by disabling automatic redirects and revalidating `Location` targets before following them. In this version, automatic redirects are disabled (`redirect: 'manual'`), each 3xx `Location` is resolved and validated with `validateSafeUrl()` before the next request, and a maximum redirect limit prevents infinite loops.

25 Feb 2026, 18:23

Type / Values Removed / Values Added

New CVE

Information

Published : 2026-02-25 18:23

Updated : 2026-04-13 14:15


NVD link : CVE-2026-27795

Mitre link : CVE-2026-27795

CVE.ORG link : CVE-2026-27795



Products Affected

langchain

  • langchain_community
CWE

CWE-918: Server-Side Request Forgery (SSRF)