Cybersecuritynews
Langchain Community SSRF Vulnerability Exposes Internal Services
First seen 17 Feb 2026, 08:10 UTC
•


•79% similarity
•31.9
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
A Server-Side Request Forgery (SSRF) vulnerability, tracked as CVE-2026-26019, has been discovered in the langchain/community package, affecting versions up to 1.1.13. This flaw has a moderate severity rating and can potentially expose sensitive cloud metadata and internal infrastructure due to its origin in the RecursiveUrlLoader class, which performs recursive web crawling.
ThreatCluster AI
Timeline
2026-02-17
CVE-2026-26019 published
2026-02-17
Vulnerability identified in langchain/community package
Recent
Details about the flaw and its impact released