Act
active
LangChain Core Critical RCE – CVE-2025-68664 PoC Public
- Engineer — Act: A public PoC exists for this critical langchain-core flaw, making exploitation practical for any AI pipeline that processes untrusted input; audit Python environments and upgrade langchain-core to the patched release immediately.
- SOC/IR — Plan: No active exploitation campaign observed (EPSS 0.14, not KEV-listed), but the public PoC warrants building detections for anomalous subprocess or file-system activity spawned from LangChain worker processes before exploitation picks up.
- Leader — Skip
- Signals: CVE-2025-68664 — CISA KEV: not listed, EPSS 0.14, public PoC on GitHub
This entry was curated and judged by AI (Claude) with automated enrichment
(CISA KEV / EPSS / public PoC). Verify against the original source before
acting. Found a bad verdict?
Report it —
confirmed errors go to the corrections log.