Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2026-14742

CVE-2026-14742: LangGraph Weak Hash RCE Vulnerability

CVE-2026-14742 is a remote code execution vulnerability in langchain-ai langgraph up to version 1.2.4 caused by weak hash usage in the Task Result Cache. This article covers technical details, affected versions, and mitigation.

Published:

CVE-2026-14742 Overview

CVE-2026-14742 affects langchain-ai/langgraph versions up to 1.2.4. The vulnerability resides in the _freeze function within libs/langgraph/langgraph/_internal/_cache.py, part of the Task Result Cache component. Manipulation of the default_cache_key argument causes the use of a weak hash algorithm [CWE-327]. The issue is exploitable remotely, though attack complexity is high and successful exploitation is described as difficult. A public disclosure exists, and a pull request to remediate the flaw awaits acceptance upstream.

Critical Impact

A remote attacker with low privileges can leverage the weak hashing behavior in the Task Result Cache to influence cache-key uniqueness, potentially causing collision-based cache confusion in LangGraph workflows.

Affected Products

  • langchain-ai langgraph up to and including version 1.2.4
  • Component: Task Result Cache (libs/langgraph/langgraph/_internal/_cache.py)
  • Function: _freeze handling default_cache_key

Discovery Timeline

  • 2026-07-05 - CVE-2026-14742 published to NVD
  • 2026-07-06 - Last updated in NVD database

Technical Details for CVE-2026-14742

Vulnerability Analysis

LangGraph uses the _freeze helper to normalize task inputs so they can be transformed into a deterministic cache key. When default_cache_key is derived, the implementation relies on a cryptographically weak hash function to fingerprint frozen structures. Because the hash is not collision-resistant, distinct task inputs can produce the same cache key. An attacker who can influence task parameters submitted to a LangGraph workflow can craft inputs that collide with a legitimate cached entry and retrieve or overwrite the result associated with that key.

The attack must be delivered over the network and requires low privileges, but crafting a usable collision against the target's cache namespace makes exploitation difficult in practice. The EPSS estimate is 0.16%, consistent with the high complexity described by the reporter.

Root Cause

The root cause is the selection of a non-cryptographic or otherwise weak hash primitive inside _freeze for generating default_cache_key. Cache keys used to arbitrate stored task results should be built on collision-resistant primitives such as SHA-256. Using a weak hash violates the security assumption that unique inputs yield unique cache entries.

Attack Vector

Exploitation requires a remote actor with the ability to submit task inputs to a LangGraph workflow that uses the Task Result Cache. The attacker constructs inputs designed to collide with the cache key of a legitimate cached task, and then either observes the cached response for another user's input or poisons the cache entry so subsequent lookups return attacker-influenced data. See the GitHub Issue #8009 and GitHub Pull Request #8069 for technical discussion.

No verified public exploit code is available. The vulnerability mechanism is described in prose because no vetted proof-of-concept has been published in the referenced advisories.

Detection Methods for CVE-2026-14742

Indicators of Compromise

  • Unexpected cache hits in LangGraph task execution logs where the input payloads differ from the originating cached request.
  • Repeated task submissions from a single client that iterate over structurally similar payloads, consistent with collision search.
  • Divergence between logged task inputs and returned task outputs for cached workflow steps.

Detection Strategies

  • Instrument _freeze and cache lookup code paths to log both the raw input hash and the resulting default_cache_key, and alert on colliding inputs.
  • Compare cache-key distribution over time; a sudden narrowing of the key space suggests collision attempts.
  • Track LangGraph dependency versions in software composition analysis tooling and flag builds pinned to versions <= 1.2.4.

Monitoring Recommendations

  • Enable verbose logging around task caching for multi-tenant LangGraph deployments and forward events to a centralized analytics platform.
  • Monitor upstream activity on GitHub Pull Request #8069 to detect when a fixed release becomes available.
  • Baseline normal cache hit ratios per workflow and alert on statistically significant deviations.

How to Mitigate CVE-2026-14742

Immediate Actions Required

  • Inventory all applications and services that embed langchain-ai/langgraph at version 1.2.4 or earlier.
  • Restrict who can submit tasks to LangGraph workflows to trusted, authenticated principals only.
  • Disable or scope the Task Result Cache in multi-tenant deployments until a patched release is available.

Patch Information

No fixed release has been published at the time of NVD entry. Remediation is tracked in GitHub Pull Request #8069, which awaits acceptance. Consult the langchain-ai/langgraph repository for release notes and upgrade to the first version that merges the fix. Additional advisory context is available at VulDB CVE-2026-14742.

Workarounds

  • Replace the weak hash in a local fork of _cache.py with a collision-resistant primitive such as hashlib.sha256 when building default_cache_key.
  • Segment caches per tenant or per authenticated principal so that cache-key collisions cannot cross trust boundaries.
  • Reduce cache lifetime, or disable caching entirely for workflows that process untrusted input, until the upstream patch is merged.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.