CVE-2026-40087: LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-str
Summary
LangChain, a framework for building AI agents and applications powered by large language models, had a vulnerability in how it validated f-string templates (a Python feature for inserting variables into text strings). Before versions 0.3.84 and 1.2.28, certain template classes could accept and execute dangerous expressions that should have been blocked, including attribute access and nested replacement fields hidden in format specifiers, which could allow attackers to access unintended data or run unwanted code.
Solution / Mitigation
Update LangChain to version 0.3.84 or 1.2.28 or later, where the f-string validation has been fixed.
Vulnerability Details
5.3(medium)
EPSS: 0.0%
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
network
low
none
none
April 9, 2026
Classification
Affected Vendors
Related Issues
CVE-2026-34371: LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the e
CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-40087
First tracked: April 9, 2026 at 08:07 PM
Classified by LLM (prompt v3) · confidence: 95%