CVE-2026-41481 | langchain-ai langchain-text-splitters up to 1.1.1 HTMLHeaderTextSplitter.split_text_from_url server-side request forgery (GHSA-fv5p-p927-qmxr)

A vulnerability described as critical has been identified in langchain-ai langchain-text-splitters up to 1.1.1. The affected element is the function HTMLHeaderTextSplitter.split_text_from_url. The manipulation results in server-side request forgery.

This vulnerability is cataloged as CVE-2026-41481. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More