CVE-2026-14742 | langchain-ai langgraph up to 1.2.4 Task Result Cache _cache.py _freeze default_cache_key weak hash (Issue 8009)
A vulnerability was found in langchain-ai langgraph up to 1.2.4. It has been rated as problematic. The affected element is the function _freeze of the file libs/langgraph/langgraph/_internal/_cache.py of the component Task Result Cache. This manipulation of the argument default_cache_key causes use of weak hash.
This vulnerability is tracked as CVE-2026-14742. The attack is possible to be carried out remotely. Moreover, an exploit is present.
The pull request to fix this issue awaits acceptance.VulDB Recent EntriesRead More