PatchSiren cyber security CVE debrief
CVE-2026-40190 langchain-ai CVE debrief
## Summary

CVE-2026-40190 is a prototype pollution vulnerability in the LangSmith JavaScript/TypeScript SDK (npm package `langsmith`) prior to version 0.5.18. The SDK's internally vendored lodash `set()` utility contains an incomplete fix in its `baseAssignValue()` function, which blocks only the `__proto__` key and fails to prevent traversal via `constructor.prototype`. An attacker who controls keys in data processed by the `createAnonymizer()` API can pollute `Object.prototype`, affecting every object in the Node.js process.

## Affected Product

- **Product:** LangSmith JavaScript/TypeScript SDK (npm package `langsmith`)
- **Affected Versions:** Prior to 0.5.18
- **Fixed Version:** 0.5.18

## Root Cause

The vulnerability stems from an incomplete prototype pollution mitigation in a vendored lodash utility. The `baseAssignValue()` function prevents direct `__proto__` assignment but does not block the `constructor.prototype` path. On any plain object, `obj.constructor` resolves to `Object` and `Object.prototype` is the shared prototype, so a key path of `constructor.prototype.<name>` reaches the same `Object.prototype` that the `__proto__` guard was meant to protect.

## Attack Vector

- **Vector:** Network-based, via attacker-controlled keys passed to the `createAnonymizer()` API
- **Conditions:** Attacker must be able to influence key names in data processed by the vulnerable API
- **Impact:** `Object.prototype` pollution affecting all objects in the Node.js process, potentially leading to application logic manipulation, denial of service, or indirect code execution

## CVSS Assessment

- **Score:** 5.6 (Medium)
- **Vector:** CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

The High Attack Complexity (AC:H) reflects the need for the attacker to control specific input keys; the Network attack vector (AV:N) with No Privileges Required (PR:N) and No User Interaction (UI:N) indicates the vulnerability is remotely exploitable under the right conditions.

## Timeline

- **CVE Published:** 2026-04-10
- **CVE Last Modified:** 2026-05-29

## Recommended Actions

1. **Upgrade immediately** to langsmith SDK version 0.5.18 or later
2. **Audit applications** using `createAnonymizer()` for untrusted input handling
3. **Implement input validation** on keys passed to SDK methods as defense-in-depth
4. **Monitor for anomalous behavior** in Node.js applications
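The `constructor.prototype` bypass described under Root Cause, and the key validation recommended above, as an added example. This is not the SDK's vendored lodash code: `setIncompleteGuard()` is a constructed, simplified path setter that reproduces only the behaviour the advisory describes (a `__proto__`-only guard), `safeSet()` is a hardened replacement, and `toPath()` is a minimal dotted-path splitter (lodash also accepts bracket syntax, which is omitted here). All function names and the `isAdmin` sample key are assumptions for illustration.

```javascript
'use strict';

// Constructed simplification of a path setter whose only guard is the
// `__proto__` key. This models the incomplete mitigation; it is NOT the
// vendored lodash implementation from the langsmith package.
function setIncompleteGuard(target, path, value) {
  let cur = target;
  for (let i = 0; i < path.length - 1; i++) {
    const key = path[i];
    if (key === '__proto__') return target; // the only thing it refuses
    let next = cur[key]; // inherited lookups allowed: `constructor` -> Object
    if (next === null || (typeof next !== 'object' && typeof next !== 'function')) {
      next = {};
      cur[key] = next;
    }
    cur = next; // for 'constructor' this is Object, then Object.prototype
  }
  const last = path[path.length - 1];
  if (last !== '__proto__') cur[last] = value;
  return target;
}

// Hardened setter: rejects every key that can reach a prototype, and only
// descends through own properties so inherited members are never traversed.
const FORBIDDEN_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

function safeSet(target, path, value) {
  for (const key of path) {
    if (typeof key !== 'string' || FORBIDDEN_KEYS.has(key)) {
      throw new TypeError(`refusing to traverse unsafe key "${String(key)}"`);
    }
  }
  let cur = target;
  for (let i = 0; i < path.length - 1; i++) {
    const key = path[i];
    let next = Object.prototype.hasOwnProperty.call(cur, key) ? cur[key] : undefined;
    if (next === null || typeof next !== 'object') {
      next = {};
      cur[key] = next;
    }
    cur = next;
  }
  cur[path[path.length - 1]] = value;
  return target;
}

// Minimal dotted-path splitter (no bracket syntax), assumption for this example.
function toPath(str) {
  return str.split('.');
}

// Attacker-controlled key name, as it might arrive in data handed to an
// anonymizer-style API. Returns true if Object.prototype was polluted.
function demonstratePollution() {
  setIncompleteGuard({}, toPath('constructor.prototype.isAdmin'), true);
  const unrelated = {};             // any object created afterwards...
  const leaked = unrelated.isAdmin; // ...now inherits the injected value
  delete Object.prototype.isAdmin;  // clean up so the rest of the process is sane
  return leaked === true;
}

// The same payload against the hardened setter: rejected, nothing polluted.
function demonstrateHardened() {
  let blocked = false;
  try {
    safeSet({}, toPath('constructor.prototype.isAdmin'), true);
  } catch (err) {
    blocked = err instanceof TypeError;
  }
  return blocked && ({}).isAdmin === undefined;
}

console.log('incomplete guard polluted Object.prototype:', demonstratePollution());
console.log('hardened setter blocked the path:', demonstrateHardened());
```

Note that the `__proto__`-only guard does stop `__proto__.isAdmin`, which is why the original fix looked complete; the bypass works because `constructor` is an inherited property of every plain object and the incomplete setter happily traverses inherited values. Rejecting `constructor` and `prototype` alongside `__proto__`, and refusing to walk through anything that is not an own property, closes both routes.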
- Vendor: langchain-ai
- Product: langsmith-sdk
- CVSS: MEDIUM 5.6
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-04-10
- Original CVE updated: 2026-05-29
- Advisory published: 2026-04-10
- Advisory updated: 2026-05-29
Who should care
Organizations using LangSmith JavaScript/TypeScript SDK versions prior to 0.5.18, particularly those exposing createAnonymizer() to external or untrusted input
Technical summary
Incomplete prototype pollution fix in vendored lodash set() utility within LangSmith JS/TS SDK allows Object.prototype pollution via constructor.prototype traversal in createAnonymizer() API, fixed in 0.5.18
Defensive priority
medium
Recommended defensive actions
- Upgrade to langsmith SDK version 0.5.18 or later
- Audit applications using createAnonymizer() for untrusted input handling
- Implement input validation on keys passed to SDK methods as defense-in-depth
- Monitor for anomalous behavior in Node.js applications
Evidence notes
Vulnerability description sourced from official CVE record and NVD entry. Advisory reference confirms fix version 0.5.18 and identifies GHSA-fw9q-39r9-c252 as the coordinating security advisory. CWE-1321 (Improperly Controlled Modification of Object Prototype Attributes) classified as primary weakness.
Official resources
- CVE-2026-40190 CVE record (CVE.org)
- CVE-2026-40190 NVD detail (NVD)
- Source item URL: nvd_modified
- Source reference: 2026-04-10T20:16:24.043Z