PatchSiren cyber security CVE debrief
CVE-2026-59152 langchain-ai CVE debrief
The LangSmith Client SDKs provide software development kits for interacting with the LangSmith platform. Prior to version 0.8.18, an attacker who can send an HTTP request to a server running the LangSmith SDK's TracingMiddleware can cause that server to read an arbitrary file from its local filesystem and upload the contents to LangSmith as a trace attachment. Depending on how the distributed trace system is deployed, triggering a read may not require authentication. Retrieving the contents requires read access to the LangSmith workspace the traces are sent to. The net effect is a trust-boundary crossing: a party with workspace trace-read access gains the ability to read files from any server running TracingMiddleware, a capability outside that workspace's intended trust boundary. This vulnerability is fixed in version 0.8.18.
- Vendor
- langchain-ai
- Product
- langsmith-sdk
- CVSS
- MEDIUM 5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-06
- Original CVE updated
- 2026-07-07
- Advisory published
- 2026-07-06
- Advisory updated
- 2026-07-07
Who should care
Organizations using LangSmith Client SDKs, especially those with multiple workspaces or shared access, should assess their exposure and upgrade to version 0.8.18 or later. Low-privilege workspace members, contractors, or compromised teammate accounts could potentially exploit this vulnerability to read sensitive files.
Technical summary
The LangSmith Client SDKs' TracingMiddleware is vulnerable to a file read and upload issue. An attacker can send an HTTP request to a server running TracingMiddleware, causing it to read an arbitrary file and upload it as a trace attachment to LangSmith. This issue allows for a trust-boundary crossing, enabling parties with workspace trace-read access to read files from servers running TracingMiddleware. The vulnerability is identified as CWE-22, CWE-346, and CWE-843.
Defensive priority
Medium priority due to the potential for sensitive file exposure and the relatively low CVSS score of 5.
Recommended defensive actions
- Upgrade LangSmith Client SDKs to version 0.8.18 or later
- Review and restrict access to LangSmith workspaces
- Monitor for suspicious TracingMiddleware activity
- Implement additional authentication for trace uploads if possible
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
Evidence notes
The CVE record was published on 2026-07-06T16:16:37.413Z and was last modified on 2026-07-07T16:16:41.340Z. The NVD entry is currently Awaiting Analysis. Limited details are available about the specific exploitation or affected systems.
Official resources
-
CVE-2026-59152 CVE record
CVE.org
-
CVE-2026-59152 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-06T16:16:37.413Z and has not been modified since then. The NVD entry is currently Awaiting Analysis.