Package impact
PyPI / langsmith
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45134 | high | 7.1 | 7.1 | 16d ago | LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to LangSmith SDK Python 0.8.0 and JS/TS 0.6.0, the LangSmith SDK's prompt pull methods (pull_prompt / pull_promp… | |||
| CVE-2026-41182 | medium | 5.3 | 5.3 | 1mo ago | LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to version 0.5.19 of the JavaScript SDK and version 0.7.31 of the Python SDK, the LangSmith SDK's output redacti… | |||
| CVE-2026-25528 | unknown | — | — | 4mo ago | LangSmith Client SDK Affected by Server-Side Request Forgery via Tracing Header Injection |