Cybersecurity researchers have identified multiple critical vulnerabilities in widely used artificial intelligence frameworks LangChain and LangGraph, raising serious concerns about data security in enterprise AI deployments. The flaw, which was disclosed in March 2026, could allow an attacker to access sensitive information such as file system data, environmental secrets, and conversation history.
LangChain and LangGraph are popular open source frameworks used to build applications using large-scale language models (LLMs). Its widespread adoption is evidenced by recent statistics showing that LangChain, LangChain-Core, and LangGraph recorded over 52 million, 23 million, and 9 million downloads in a week, respectively. This widespread use amplifies the potential impact of newly discovered vulnerabilities.
Researchers revealed that this vulnerability provides three different attack vectors, each of which can be exploited independently. One flaw, tracked as CVE-2026-34070 with a CVSS score of 7.5, involves a path traversal issue that allows an attacker to access arbitrary files via a manipulated prompt template. The other, CVE-2025-68664, has a Critical CVSS score of 9.3 and may allow disclosure of API keys and environment sensitive information through insecure data deserialization. The third vulnerability (CVE-2025-67644 with a score of 7.3) is an SQL injection flaw in LangGraph that could allow an attacker to perform arbitrary database queries.
Successful exploitation of these vulnerabilities could allow an attacker to extract sensitive data such as Docker configuration files, system-level sensitive information, and user conversation history. Experts warn that such exposures could compromise corporate systems, especially those that rely heavily on AI-driven workflows and automated decision-making processes.
Security researchers emphasized that the findings highlight how modern AI frameworks remain vulnerable to traditional software security issues such as path traversal, deserialization flaws, and SQL injection. The convergence of AI and traditional software architecture means that established cybersecurity risks continue to persist in new technology ecosystems.
Patches have been released to address these vulnerabilities, and fixes are available in updated versions of LangChain-Core and LangGraph components. Organizations using these frameworks are urged to upgrade immediately and check their systems for potential exposure. This incident is a reminder of the importance of integrating robust security practices into the rapidly evolving field of artificial intelligence.
