Skip to main content

LangGraph EUVDEUVD-2026-41747

| CVE-2026-14742 LOW
Use of Weak Hash (CWE-328)
2026-07-05 VulDB GHSA-rff8-98wf-8rv4
1.3
CVSS 4.0 · Vendor: VulDB

Severity by source

Vendor (VulDB) PRIMARY
1.3 LOW
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
3.1 LOW

Network-reachable but requires authenticated low-privilege access (PR:L) and high-complexity hash collision (AC:H); impact is limited to low confidentiality with no integrity or availability dimensions.

3.1 AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
4.0 AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (VulDB).

CVSS VectorVendor: VulDB

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

2
CVSS changed
Jul 05, 2026 - 11:22 NVD
2.3 (LOW) 1.3 (LOW)
Analysis Generated
Jul 05, 2026 - 11:21 vuln.today

DescriptionCVE.org

A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function _freeze of the file libs/langgraph/langgraph/_internal/_cache.py of the component Task Result Cache. This manipulation of the argument default_cache_key causes use of weak hash. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is described as difficult. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance.

AnalysisAI

Weak hashing in LangGraph's Task Result Cache exposes low-privilege authenticated users to hash collision attacks that can leak cached task results across isolation boundaries. All LangGraph versions through 1.2.4 are affected via the _freeze function in libs/langgraph/langgraph/_internal/_cache.py. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate to LangGraph with low-privilege credentials
Delivery
Analyze task cache key generation behavior via `_freeze`
Exploit
Engineer inputs to produce colliding `default_cache_key` hash values
Execution
Submit crafted task to trigger cache lookup collision
Impact
Receive cached output belonging to another task or user

Vulnerability AssessmentAI

Exploitation Exploitation requires a valid low-privilege authenticated session on the target LangGraph deployment running version 1.2.4 or earlier (CVSS PR:L confirmed). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Real-world risk is low despite the existence of a public proof-of-concept. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A low-privilege authenticated user on a shared LangGraph deployment crafts task inputs specifically engineered to produce a `default_cache_key` that collides with a hash value corresponding to another user's cached task result. When the cache lookup resolves the collision, the attacker receives output data from the other task, potentially exposing sensitive intermediate reasoning, tool outputs, or agent memory. …
Remediation No vendor-released patched version has been confirmed at time of analysis - the fix exists as a pending pull request at https://github.com/langchain-ai/langgraph/pull/8069 awaiting merge. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-41747 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy