A Server‑Side Request Forgery (SSRF) vulnerability has been identified in the langchain/community package, affecting versions up to 1.1.13. The flaw, tracked as CVE‑2026‑26019, has a moderate severity rating, with a CVSS 3.1 score, due on its potential to expose sensitive cloud metadata and internal infrastructure. The vulnerability originates from the RecursiveUrlLoader class, which performs recursive web crawling. By default, it restricts crawling to […]
The post Langchain Community SSRF Bypass Vulnerability Enables Access to Internal Services appeared first on Cyber Security News.
This article has been indexed from Cyber Security News
Read the original article: