CVE-2026-41182: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor in langchain-ai langsmith-sdk
CVE-2026-41182 is a vulnerability in the langchain-ai langsmith-sdk JavaScript and Python SDKs prior to versions 0. 5. 19 and 0. 7. 31 respectively. The issue arises because output redaction controls do not apply to streaming token events, allowing raw token values from streaming LLM outputs to be recorded and stored without redaction. This results in unintended exposure of sensitive information through run event data. The vulnerability has a CVSS score of 5. 3, indicating medium severity. Fixed versions are available that address this issue by properly applying redaction to streaming events.
AI Analysis
Technical Summary
The langsmith-sdk JavaScript and Python SDKs before versions 0.5.19 and 0.7.31 do not apply output redaction controls to streaming token events generated during LLM runs. Specifically, each chunk of streaming output is recorded as a new_token event containing the raw token value, which bypasses the redaction pipeline that only processes inputs and outputs fields. Consequently, sensitive streamed content can be leaked via run events despite redaction settings. The issue is fixed in versions 0.5.19 (JS) and 0.7.31 (Python).
Potential Impact
Sensitive information generated by language model streaming outputs may be exposed to unauthorized actors because the redaction controls fail to sanitize streaming token events. This can lead to leakage of confidential or sensitive data stored within the LangSmith platform through run event logs. The vulnerability does not affect integrity or availability but impacts confidentiality.
Mitigation Recommendations
Upgrade to langsmith-sdk JavaScript version 0.5.19 or later and Python version 0.7.31 or later. These versions fix the issue by applying output redaction controls to streaming token events. No other mitigation is indicated or required.
CVE-2026-41182: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor in langchain-ai langsmith-sdk
Description
CVE-2026-41182 is a vulnerability in the langchain-ai langsmith-sdk JavaScript and Python SDKs prior to versions 0. 5. 19 and 0. 7. 31 respectively. The issue arises because output redaction controls do not apply to streaming token events, allowing raw token values from streaming LLM outputs to be recorded and stored without redaction. This results in unintended exposure of sensitive information through run event data. The vulnerability has a CVSS score of 5. 3, indicating medium severity. Fixed versions are available that address this issue by properly applying redaction to streaming events.
CVSS v3.1
Score 5.3medium
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The langsmith-sdk JavaScript and Python SDKs before versions 0.5.19 and 0.7.31 do not apply output redaction controls to streaming token events generated during LLM runs. Specifically, each chunk of streaming output is recorded as a new_token event containing the raw token value, which bypasses the redaction pipeline that only processes inputs and outputs fields. Consequently, sensitive streamed content can be leaked via run events despite redaction settings. The issue is fixed in versions 0.5.19 (JS) and 0.7.31 (Python).
Potential Impact
Sensitive information generated by language model streaming outputs may be exposed to unauthorized actors because the redaction controls fail to sanitize streaming token events. This can lead to leakage of confidential or sensitive data stored within the LangSmith platform through run event logs. The vulnerability does not affect integrity or availability but impacts confidentiality.
Mitigation Recommendations
Upgrade to langsmith-sdk JavaScript version 0.5.19 or later and Python version 0.7.31 or later. These versions fix the issue by applying output redaction controls to streaming token events. No other mitigation is indicated or required.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-04-17T16:34:45.526Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69e9707c87115cfb68522131
Added to database: 4/23/2026, 1:06:04 AM
Last enriched: 4/30/2026, 8:11:27 AM
Last updated: 6/7/2026, 6:16:43 AM
Views: 71
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.