deepagents

vdeepagents-code==0.1.1 scope: deepagents-code Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 19d AI Agents & Assistants

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

ai deepagents langchain langgraph python typescript

Affected surfaces

rce_ssrf

Summary

AI summary

Guarded fetch_url against SSRF and fixed the LangSmith sandbox working directory.

Changes in this release

Type	Severity	Summary	CVE
Security	Medium	Guard fetch_url against SSRF. Guard fetch_url against SSRF. Source: llm_adapter@2026-05-21 Confidence: high	—
Bugfix	Medium	Correct LangSmith sandbox working directory. Correct LangSmith sandbox working directory. Source: llm_adapter@2026-05-21 Confidence: high	—

Full changelog

Bug Fixes

Correct LangSmith sandbox working directory (#3415) (b0e8d83)
Guard fetch_url against SSRF (#3411) (54d8521)

Internal maintainers: @mdrxy

Security Fixes

Guarded fetch_url against Server-Side Request Forgery (SSRF).

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track deepagents

Get notified when new releases ship.

About deepagents

Agent harness built with LangChain and LangGraph. Equipped with a planning tool, a filesystem backend, and the ability to spawn subagents - well-equipped to handle complex agentic tasks.

All releases →

Related context

Related tools

Earlier breaking changes

vdeepagents-cli==0.2.0 `deepagents deploy` now targets Managed Deep Agents API; removes `deepagents dev`, `deepagents.toml`, and `--config`/`--dry-run` flags.