Skip to content

langchain

vlangchain==1.3.9 scope: langchain Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 6d AI Agents & Assistants
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

agents ai ai-agents anthropic chatgpt deepagents
+11 more
enterprise gemini generative-ai langchain langgraph llm multiagent openai pydantic python typescript

Affected surfaces

auth rbac

Summary

AI summary

Confined file‑search results and tightened Anthropic allowed prefixes.

Changes in this release

Bugfix Medium

Confines file-search results to prevent unintended data exposure.

Confines file-search results to prevent unintended data exposure.

Source: llm_adapter@2026-06-12

Confidence: high
Bugfix Medium

Tightens anthropic `allowed_prefixes` for stricter prefix validation.

Tightens anthropic `allowed_prefixes` for stricter prefix validation.

Source: llm_adapter@2026-06-12

Confidence: high
Full changelog

Changes since langchain==1.3.8

release(anthropic): 1.4.6 (#38105)
release(langchain): 1.3.9 (#38104)
fix(langchain,anthropic): confine file-search results and tighten anthropic allowed_prefixes (#38106)

Security Fixes

  • Confined file‑search results and tightened Anthropic `allowed_prefixes` to mitigate unauthorized access.
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track langchain

Get notified when new releases ship.

Sign up free

About langchain

The agent engineering platform

All releases →

Related context

Earlier breaking changes

Beta — feedback welcome: [email protected]