LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents

Cybersecurity researchers have disclosed a now-patched security flaw in LangChain's LangSmith platform that could be exploited to capture sensitive data, including API keys and user prompts. The vulnerability, which carries a CVSS score of 8.8 out of a maximum of 10.0, has been codenamed AgentSmith by Noma Security. LangSmith is an observability and evaluation platform that allows users to

  Hacker News   Jun 17, 2025   0   5  Add to Reading List
LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents
Cybersecurity researchers have disclosed a now-patched security flaw in LangChain's LangSmith platform that could be exploited to capture sensitive data, including API keys and user prompts. The vulnerability, which carries a CVSS score of 8.8 out of a maximum of 10.0, has been codenamed AgentSmith by Noma Security. LangSmith is an observability and evaluation platform that allows users to
Read More   

What's Your Reaction?

like

dislike

love

funny

angry

sad

wow