Intel

AIKIDO-2026-890022

langsmith is vulnerable to Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS) Pre-CVE
Found by Aikido Intel before public disclosure or CVE publication.
Published Today

59

Medium Risk

This Affects:

PYTHONlangsmith
0.4.42 - 0.10.0
Fixed in 0.10.1
Are you affected? Scan for Free

TL;DR

The InsightsReport._repr_html_ method builds an HTML anchor for rich display (for example in Jupyter notebooks) by interpolating the report name and link fields directly into the returned markup without escaping. When a rendered report carries attacker-influenced content, the raw values break out of the anchor and inject arbitrary HTML and JavaScript that executes in the context of the page showing the representation. This stored cross-site scripting can run whenever the object's rich HTML representation is rendered. The fix wraps self.name and self.link in html.escape before embedding them.

Who does this affect?

You are affected if you are using a version that falls within the vulnerable range and you render InsightsReport objects containing attacker-influenced content in a notebook or other HTML-rendering environment.

Background info

langsmith is vulnerable to Cross-Site Scripting (XSS) in versions 0.4.42 - 0.10.0.

How to fix this

Upgrade the langsmith library to the patch version.