Update dependency langchain-core to v1 #30

Security Report

❗️Scan Warnings: The scan completed with warnings. The integration encountered issues with one or more projects in this repository. Consequently, there may be gaps in the coverage of open-source dependencies used in the repository.

Scan Details Report

pip

/tmp/ws-scm/AutoPrompt/requirements.txt

Step	Level	Description	Details
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: /tmp/ws-ua_20260211121145_MKOAKR/cmd_OWHXKK/20260211121351/AODXPZ_script.sh Error lines: [ERROR: Ignored the following yanked versions: 0.1.5, 0.2.16, 0.2.31, 0.3.42, ERROR: Ignored the following versions that require a different python version: 1.0.0 Requires-Python <4.0.0,>=3.10.0; 1.0.0a1 Requires-Python >=3.10; 1.0.0a10 Requires-Python <4.0.0,>=3.10.0; 1.0... pip install command failed, trying to install dependencies one by one Failed to execute command: /tmp/ws-ua_20260211121145_MKOAKR/cmd_OWHXKK/20260211121401/XPLTTQ_script.sh Error lines: [ERROR: Ignored the following yanked versions: 0.1.5, 0.2.16, 0.2.31, 0.3.42, ERROR: Ignored the following versions that require a different python version: 1.0.0 Requires-Python <4.0.0,>=3.10.0; 1.0.0a1 Requires-Python >=3.10; 1.0.0a2 Requires-Python >=3.10; 1.0.0a3 Requi... Failed to get hierarchy tree, trying to collect a flat list (which may only contain partial results)

You have successfully remediated 6 vulnerabilities, but introduced 7 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability	Severity	CVSS Score	Exploit Maturity	EPSS	Vulnerable Library	Direct Library	Suggested Fix	Issue
CVE-2025-68664 Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20260211121145_MKOAKR/python_SYRRZC/20260211121145/19/langchain_core-0.3.63-py3-none-any.whl,/tmp/ws-ua_20260211121145_MKOAKR/python_SYRRZC/20260211121145/6/langchain_core-0.3.63-py3-none-any.whl Dependency Hierarchy: -> ❌ langchain_core-0.3.63-py3-none-any.whl (Vulnerable Library)	Critical	9.3	Not Defined	0.0%	`Direct` langchain_core-0.3.63-py3-none-any.whl	langchain_core-0.3.63-py3-none-any.whl	0.3.81	None
CVE-2026-0994 Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20260211121145_MKOAKR/python_SYRRZC/20260211121145/20/protobuf-5.29.6-cp38-abi3-manylinux2014_x86_64.whl,/tmp/ws-ua_20260211121145_MKOAKR/python_SYRRZC/20260211121145/11/protobuf-5.29.6-cp38-abi3-manylinux2014_x86_64.whl Dependency Hierarchy: -> ❌ protobuf-5.29.6-cp38-abi3-manylinux2014_x86_64.whl (Vulnerable Library)	High	8.6	Not Defined	0.0%	`Direct` protobuf-5.29.6-cp38-abi3-manylinux2014_x86_64.whl	protobuf-5.29.6-cp38-abi3-manylinux2014_x86_64.whl	6.33.5	None
CVE-2025-65106 Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20260211121145_MKOAKR/python_SYRRZC/20260211121145/19/langchain_core-0.3.63-py3-none-any.whl,/tmp/ws-ua_20260211121145_MKOAKR/python_SYRRZC/20260211121145/6/langchain_core-0.3.63-py3-none-any.whl Dependency Hierarchy: -> ❌ langchain_core-0.3.63-py3-none-any.whl (Vulnerable Library)	High	8.2	Not Defined	0.1%	`Direct` langchain_core-0.3.63-py3-none-any.whl	langchain_core-0.3.63-py3-none-any.whl	0.3.80	None
CVE-2025-6985 Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20260211121145_MKOAKR/python_SYRRZC/20260211121145/19/langchain_text_splitters-0.3.8-py3-none-any.whl,/tmp/ws-ua_20260211121145_MKOAKR/python_SYRRZC/20260211121145/6/langchain_text_splitters-0.3.8-py3-none-any.whl Dependency Hierarchy: -> ❌ langchain_text_splitters-0.3.8-py3-none-any.whl (Vulnerable Library)	High	7.5	Not Defined	0.8%	`Direct` langchain_text_splitters-0.3.8-py3-none-any.whl	langchain_text_splitters-0.3.8-py3-none-any.whl	0.3.9	None
CVE-2026-25528 Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20260211121145_MKOAKR/python_SYRRZC/20260211121145/18/langsmith-0.4.37-py3-none-any.whl,/tmp/ws-ua_20260211121145_MKOAKR/python_SYRRZC/20260211121145/17/langsmith-0.4.37-py3-none-any.whl,/tmp/ws-ua_20260211121145_MKOAKR/python_SYRRZC/20260211121145/20/langsmith-0.4.37-py3-none-any.whl Dependency Hierarchy: -> ❌ langsmith-0.4.37-py3-none-any.whl (Vulnerable Library)	Medium	5.8	Not Defined		`Direct` langsmith-0.4.37-py3-none-any.whl	langsmith-0.4.37-py3-none-any.whl	langsmith - 0.4.6,langsmith - 0.6.3	None
CVE-2026-26013 Dependency Hierarchy: -> ❌ langchain_core-0.3.83-py3-none-any.whl (Vulnerable Library)	Low	3.7	Not Defined		`Direct` langchain_core-0.3.83-py3-none-any.whl	langchain_core-0.3.83-py3-none-any.whl	1.2.11	None
CVE-2026-26013 Path to dependency file: /requirements.txt Path to vulnerable library: /tmp/ws-ua_20260211121145_MKOAKR/python_SYRRZC/20260211121145/19/langchain_core-0.3.63-py3-none-any.whl,/tmp/ws-ua_20260211121145_MKOAKR/python_SYRRZC/20260211121145/6/langchain_core-0.3.63-py3-none-any.whl Dependency Hierarchy: -> ❌ langchain_core-0.3.63-py3-none-any.whl (Vulnerable Library)	Low	3.7	Not Defined		`Direct` langchain_core-0.3.63-py3-none-any.whl	langchain_core-0.3.63-py3-none-any.whl	1.2.11	None

✔️ Remediated vulnerabilities:

Vulnerability	Vulnerable Library
CVE-2025-65106	langchain_core-0.3.18-py3-none-any.whl
CVE-2026-23490	pyasn1-0.6.1.tar.gz
CVE-2025-68664	langchain_core-0.3.18-py3-none-any.whl
CVE-2026-0994	protobuf-5.29.5-cp38-abi3-manylinux2014_x86_64.whl
CVE-2025-6985	langchain_text_splitters-0.3.2-py3-none-any.whl
CVE-2026-26013	langchain_core-0.3.18-py3-none-any.whl

Base branch total remaining vulnerabilities: 56
Base branch commit: 9a3bca3149e37f94e2272edbe947577b6db1eebc

Total libraries scanned: 172

Scan token: 06ec1290d46c47349011b260b62f9ed3

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update dependency langchain-core to v1 #30

Uh oh!

Uh oh!

Update dependency langchain-core to v1 #30

Uh oh!

Security Report

pip

/tmp/ws-scm/AutoPrompt/requirements.txt

Re-running checks...

Update dependency langchain-core to v1 #30

Are you sure you want to change the base?

Uh oh!