CVE-2025-6984

Overview

The langchain-ai/langchain project, specifically the EverNoteLoader component, is vulnerable to XML External Entity (XXE) attacks due to insecure XML parsing. The affected version is 0.3.63. The vulnerability arises from the use of etree.iterparse() without disabling external entity references, whic...

Critical

Low

Medium

No items found.

Package:

Impact:

Fix:

Year:

CVSS:

Severity:

CVE-2025-6984

Overview

Affected Components

Location

Stop the waste.
Protect your environment with Kodem.

CVE-2025-6984

Overview

Affected Components

Location

Stop the waste.Protect your environment with Kodem.

Stop the waste.
Protect your environment with Kodem.