LangChain Just Got Three CVEs. The Bugs Are From 2006.

Path traversal, deserialization injection, and SQL injection — three CVEs disclosed in LangChain and LangGraph this week. The most popular AI framework has 84 million combined weekly downloads and vulnerability classes that web developers solved two decades ago.