CVE-2026-34070

EIP tracks 1 public exploit for CVE-2026-34070. PoCs published by Rickidevs.

AI-analyzed exploit summary This is a detailed technical writeup discussing CVE-2026-34070, a path traversal vulnerability in LangChain's `langchain-core` library. It includes root cause analysis, proof-of-concept examples, and mitigation steps.

LangChain is a framework for building agents and LLM-powered applications. Prior to version 1.2.22, multiple functions in langchain_core.prompts.loading read files from paths embedded in deserialized config dicts without validating against directory traversal or absolute path injection. When an application passes user-influenced prompt configurations to load_prompt() or load_prompt_from_config(), an attacker can read arbitrary files on the host filesystem, constrained only by file-extension checks (.txt for templates, .json/.yaml for examples). This issue has been patched in version 1.2.22.