PyPi: Langroid

CVE-2025-46726

Safety vulnerability ID: 77090

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at May 05, 2025 Updated at May 08, 2025

Scan your Python projects for vulnerabilities →

Advisory

Affected versions of Langroid are vulnerable to XXE Injection via XMLToolMessage: A LLM application leveraging XMLToolMessage class may be exposed to untrusted XML input that could result in DoS and/or exposing local files with sensitive information.

Affected package

langroid

Latest version: 0.53.7

Harness LLMs with Multi-Agent Programming

Affected versions

Fixed versions

Vulnerability changelog

This vulnerability has no description

Resources

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46726

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application