CVE-2026-25528
LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. The LangSmith SDK's distributed tracing feature is vulnerable to Server-Side Request Forgery via malicious HTTP headers. An attacker can inject arbitrary api_url values through the baggage header, causing the SDK to exfiltrate sensitive trace data to attacker-controlled endpoints. When using distributed tracing, the SDK parses incoming HTTP headers via RunTree.from_headers() in Python or RunTree.fromHeaders() in Typescript. The baggage header can contain replica configurations including api_url and api_key fields. Prior to the fix, these attacker-controlled values were accepted without validation. When a traced operation completes, the SDK's post() and patch() methods send run data to all configured replica URLs, including any injected by an attacker. This vulnerability is fixed in version 0.6.3 of the Python SDK and 0.4.6 of the JavaScript SDK.
EPSS 0.01% · 2.6th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| npm | langsmith | 0.3.41 |
| langchain-ai | langsmith-sdk | >= 0.4.10, <0.6.3 |
| PyPI | langsmith | 0.4.10 |
Timeline
- Feb 9, 2026 CVE Published
- Feb 9, 2026 PoC Published
- Feb 10, 2026 EPSS Score
- Feb 12, 2026 EPSS Score
- Feb 14, 2026 EPSS Score
- Feb 16, 2026 EPSS Score
- Feb 18, 2026 EPSS Score
- Feb 20, 2026 EPSS Score
- Feb 22, 2026 EPSS Score
- Feb 22, 2026 CVE Updated
- Feb 24, 2026 EPSS Score
- Feb 26, 2026 EPSS Score
References
- https://github.com/langchain-ai/langsmith-sdk/security/advisories/GHSA-v34v-rq6j-cj6p url
- https://nvd.nist.gov/vuln/detail/CVE-2026-25528 advisory
- https://github.com/langchain-ai/langsmith-sdk package
- https://www.ibm.com/support/pages/node/7268602 advisory
- https://www.ibm.com/support/pages/node/7268724 advisory
- https://www.ibm.com/support/pages/node/7268726 advisory
- https://www.ibm.com/support/pages/node/7268604 advisory
- https://www.ibm.com/support/pages/node/7268649 advisory
- https://www.ibm.com/support/pages/node/7268725 advisory