CVE-2026-27795 | langchain-ai langchainjs up to 1.1.17 validateSafeUrl server-side request forgery (GHSA-gf3v-fwqg-4vh7)

A vulnerability was found in langchain-ai langchainjs up to 1.1.17 and classified as critical. This issue affects the function validateSafeUrl. Executing a manipulation can lead to server-side request forgery.

This vulnerability is registered as CVE-2026-27795. It is possible to launch the attack remotely. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More