Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
No data.
| Vendor | Product | Confidence | Versions |
|---|---|---|---|
| Langchain | Langchain | — | — |
| Langchain-ai | Langchain | — | — |
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2025-23371 | Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive files via supplying a crafted request. |
Fri, 17 Oct 2025 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
X-d Lab
X-d Lab langchain-chatglm-webui |
|
| CPEs | cpe:2.3:a:x-d_lab:langchain-chatglm-webui:2023-05-23:*:*:*:*:*:*:* | |
| Vendors & Products |
X-d Lab
X-d Lab langchain-chatglm-webui |
Sat, 16 Aug 2025 21:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Langchain
Langchain langchain Langchain-ai Langchain-ai langchain |
|
| Vendors & Products |
Langchain
Langchain langchain Langchain-ai Langchain-ai langchain |
Fri, 01 Aug 2025 18:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-732 | |
| Metrics |
cvssV3_1
|
Fri, 01 Aug 2025 17:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive files via supplying a crafted request. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-08-01T17:24:38.847Z
Reserved: 2025-04-22T00:00:00.000Z
Link: CVE-2025-45150
Vulnrichment
Updated: 2025-08-01T17:23:38.907Z
NVD
Status : Analyzed
Published: 2025-08-01T17:15:51.943
Modified: 2025-10-17T18:28:30.400
Link: CVE-2025-45150
Redhat
No data.
OpenCVE Enrichment
Updated: 2025-08-16T21:41:34Z