langchain-chatchat
PyPI6 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting langchain-chatchatpage 1 of 1
- CVE-2025-6853CRITICALCVSS 9.8EG 6.32025-06-29
vulnerable: 0.3.0 ... 0.3.1.3 (22 versions)
A vulnerability classified as critical has been found in chatchat-space Langchain-Chatchat up to 0.3.1. This affects the function upload_temp_docs of the file /knowledge_base/upload_temp_docs of the component Backend. The manipulation of t…
- CVE-2025-6854MEDIUMCVSS 4.3EG 4.32025-06-29
vulnerable: 0.3.0 ... 0.3.1 (19 versions)
A vulnerability classified as problematic was found in chatchat-space Langchain-Chatchat up to 0.3.1. This vulnerability affects unknown code of the file /v1/files?purpose=assistants. The manipulation leads to path traversal. The attack ca…
- CVE-2025-6855HIGHCVSS 8.8EG 5.52025-06-29
vulnerable: 0.3.0 ... 0.3.1 (19 versions)
A vulnerability, which was classified as critical, has been found in chatchat-space Langchain-Chatchat up to 0.3.1. This issue affects some unknown processing of the file /v1/file. The manipulation of the argument flag leads to path traver…
- CVE-2026-7845LOWCVSS 2.6EG 2.62026-05-05
vulnerable: 0.3.0 ... 0.3.1.3 (22 versions)
A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webui_pages/dialogue/dialogue.py of the component Vision Chat Paste Image…
- CVE-2026-7846LOWCVSS 2.6EG 2.62026-05-05
vulnerable: 0.3.0 ... 0.3.1.3 (22 versions)
A vulnerability has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. Impacted is the function files of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the component OpenAI-Compatible File Upload A…
- CVE-2026-7847LOWCVSS 2.6EG 2.62026-05-05
vulnerable: 0.3.0 ... 0.3.1.3 (22 versions)
A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function _get_file_id of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the component Uploaded File Han…
Check whether langchain-chatchat is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for langchain-chatchat CVEs against the assets you own.
Start Free Scan →