{
  "resultsPerPage": 1,
  "startIndex": 0,
  "totalResults": 1,
  "format": "NVD_CVE",
  "version": "2.0",
  "timestamp": "2026-05-11T15:24:08.576",
  "vulnerabilities": [
    {
      "cve": {
        "id": "CVE-2026-25750",
        "sourceIdentifier": "security-advisories@github.com",
        "published": "2026-03-04T22:16:17.667",
        "lastModified": "2026-03-18T15:06:59.877",
        "vulnStatus": "Analyzed",
        "cveTags": [],
        "descriptions": [
          {
            "lang": "en",
            "value": "Langchain Helm Charts are Helm charts for deploying Langchain applications on Kubernetes. Prior to langchain-ai/helm version 0.12.71, a URL parameter injection vulnerability existed in LangSmith Studio that could allow unauthorized access to user accounts through stolen authentication tokens. The vulnerability affected both LangSmith Cloud and self-hosted deployments. Authenticated LangSmith users who clicked on a specially crafted malicious link would have their bearer token, user ID, and workspace ID transmitted to an attacker-controlled server. With this stolen token, an attacker could impersonate the victim and access any LangSmith resources or perform any actions the user was authorized to perform within their workspace. The attack required social engineering (phishing, malicious links in emails or chat applications) to convince users to click the crafted URL. The stolen tokens expired after 5 minutes, though repeated attacks against the same user were possible if they could be convinced to click malicious links multiple times. The fix in version 0.12.71 implements validation requiring user-defined allowed origins for the baseUrl parameter, preventing tokens from being sent to unauthorized servers. No known workarounds are available. Self-hosted customers must upgrade to the patched version."
          },
          {
            "lang": "es",
            "value": "Langchain Helm Charts son gráficos Helm para desplegar aplicaciones Langchain en Kubernetes. Antes de la versión 0.12.71 de langchain-ai/helm, existía una vulnerabilidad de inyección de parámetros URL en LangSmith Studio que podría permitir el acceso no autorizado a cuentas de usuario a través de tokens de autenticación robados. La vulnerabilidad afectó tanto a LangSmith Cloud como a las implementaciones autoalojadas. Usuarios de LangSmith autenticados que hicieron clic en un enlace malicioso especialmente diseñado verían su token de portador, ID de usuario e ID de espacio de trabajo transmitidos a un servidor controlado por el atacante. Con este token robado, un atacante podría suplantar a la víctima y acceder a cualquier recurso de LangSmith o realizar cualquier acción que el usuario estuviera autorizado a realizar dentro de su espacio de trabajo. El ataque requirió ingeniería social (phishing, enlaces maliciosos en correos electrónicos o aplicaciones de chat) para convencer a los usuarios de hacer clic en la URL diseñada. Los tokens robados expiraban después de 5 minutos, aunque eran posibles ataques repetidos contra el mismo usuario si se les podía convencer de hacer clic en enlaces maliciosos varias veces. La corrección en la versión 0.12.71 implementa una validación que requiere orígenes permitidos definidos por el usuario para el parámetro baseUrl, evitando que los tokens sean enviados a servidores no autorizados. No hay soluciones alternativas conocidas disponibles. Los clientes autoalojados deben actualizar a la versión parcheada."
          }
        ],
        "metrics": {
          "cvssMetricV40": [
            {
              "source": "security-advisories@github.com",
              "type": "Secondary",
              "cvssData": {
                "version": "4.0",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "attackVector": "NETWORK",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "privilegesRequired": "NONE",
                "userInteraction": "ACTIVE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "subAvailabilityImpact": "NONE",
                "exploitMaturity": "NOT_DEFINED",
                "confidentialityRequirement": "NOT_DEFINED",
                "integrityRequirement": "NOT_DEFINED",
                "availabilityRequirement": "NOT_DEFINED",
                "modifiedAttackVector": "NOT_DEFINED",
                "modifiedAttackComplexity": "NOT_DEFINED",
                "modifiedAttackRequirements": "NOT_DEFINED",
                "modifiedPrivilegesRequired": "NOT_DEFINED",
                "modifiedUserInteraction": "NOT_DEFINED",
                "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
                "modifiedVulnIntegrityImpact": "NOT_DEFINED",
                "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
                "modifiedSubConfidentialityImpact": "NOT_DEFINED",
                "modifiedSubIntegrityImpact": "NOT_DEFINED",
                "modifiedSubAvailabilityImpact": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "valueDensity": "NOT_DEFINED",
                "vulnerabilityResponseEffort": "NOT_DEFINED",
                "providerUrgency": "NOT_DEFINED"
              }
            }
          ],
          "cvssMetricV31": [
            {
              "source": "nvd@nist.gov",
              "type": "Primary",
              "cvssData": {
                "version": "3.1",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "attackVector": "NETWORK",
                "attackComplexity": "LOW",
                "privilegesRequired": "NONE",
                "userInteraction": "REQUIRED",
                "scope": "UNCHANGED",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "availabilityImpact": "NONE"
              },
              "exploitabilityScore": 2.8,
              "impactScore": 5.2
            }
          ]
        },
        "weaknesses": [
          {
            "source": "security-advisories@github.com",
            "type": "Primary",
            "description": [
              {
                "lang": "en",
                "value": "CWE-74"
              }
            ]
          }
        ],
        "configurations": [
          {
            "nodes": [
              {
                "operator": "OR",
                "negate": false,
                "cpeMatch": [
                  {
                    "vulnerable": true,
                    "criteria": "cpe:2.3:a:langchain:langsmith:*:*:*:*:*:kubernetes:*:*",
                    "versionEndExcluding": "0.12.71",
                    "matchCriteriaId": "5439C5E6-0075-46D6-A73C-E68084862FD0"
                  }
                ]
              }
            ]
          }
        ],
        "references": [
          {
            "url": "https://github.com/langchain-ai/helm/security/advisories/GHSA-r8wq-jwgw-p74g",
            "source": "security-advisories@github.com",
            "tags": [
              "Vendor Advisory"
            ]
          }
        ]
      }
    }
  ]
}