Package impact
PyPI / langchain-text-splitters
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-41481 | medium | 6.5 | 6.5 | 1mo ago | LangChain is a framework for building agents and LLM-powered applications. Prior to langchain-text-splitters 1.1.2, HTMLHeaderTextSplitter.split_text_from_url() validated the initial URL using valid… | |
| CVE-2025-6985 | unknown | — | — | 8mo ago | LangChain Text Splitters is vulnerable to XML External Entity (XXE) attacks due to unsafe XSLT parsing |