CVE-2026-41488 | langchain-ai langchain-openai up to 1.1.13 DNS Resolution _url_to_size server-side request forgery (GHSA-r7w7-9xr2-qq2r)

A vulnerability labeled as critical has been found in langchain-ai langchain-openai up to 1.1.13. This issue affects the function _url_to_size of the component DNS Resolution Handler. Executing a manipulation can lead to server-side request forgery.

This vulnerability is tracked as CVE-2026-41488. The attack can be launched remotely. No exploit exists.

The affected component should be upgraded.VulDB Recent EntriesRead More