@langchain/core

Core LangChain.js abstractions and schemas
Licenses: MIT

Direct Vulnerabilities

Known vulnerabilities in the @langchain/core package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • M
Server-side Request Forgery (SSRF)

<1.1.14
  • C
Deserialization of Untrusted Data

<0.3.80>=1.0.0-alpha.1 <1.1.8

Package versions

342 VERSIONS IN TOTAL See all versions
versionpublisheddirect vulnerabilities
1.2.122 Jun, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
1.2.017 Jun, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
1.2.0-dev-17757638038789 Apr, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
1.2.0-dev-176593770526517 Dec, 2025
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
1.1.50-dev-178158035742416 Jun, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
1.1.4912 Jun, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
1.1.49-dev-17810481857309 Jun, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
1.1.49-dev-17810444363129 Jun, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
1.1.4821 May, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
1.1.4718 May, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L