Package impact
PyPI / langchain-text-splitters
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41481 | medium | 6.5 | 6.5 | 1mo ago | LangChain is a framework for building agents and LLM-powered applications. Prior to langchain-text-splitters 1.1.2, HTMLHeaderTextSplitter.split_text_from_url() validated the initial URL using valid… | |||
| CVE-2025-6985 | unknown | — | — | 8mo ago | LangChain Text Splitters is vulnerable to XML External Entity (XXE) attacks due to unsafe XSLT parsing |