CVE-2025-46726 – Langroid XMLToolMessage XML External Entity (XXE) Denial of Service (DoS) and Local File Information Exposure

May 5, 2025

CVE ID : CVE-2025-46726

Published : May 5, 2025, 8:15 p.m. | 3 hours, 19 minutes ago

Description : Langroid is a framework for building large-language-model-powered applications. Prior to version 0.53.4, a LLM application leveraging `XMLToolMessage` class may be exposed to untrusted XML input that could result in DoS and/or exposing local files with sensitive information. Version 0.53.4 fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46730 – “MobSF ZIP Bomb Denial of Service Vulnerability”

Next Article CVE-2025-45618 – Jeeweb Mybatis Springboot Unauthenticated Information Disclosure

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Intel’s latest Arc graphics driver is ready for DOOM: The Dark Ages, launching for Premium Edition owners on PC today

NVIDIA’s drivers are causing big problems for DOOM: The Dark Ages, but some fixes are available

Capcom breaks all-time profit records with 10% income growth after Monster Hunter Wilds sold over 10 million copies in a month

Microsoft plans to lay off 3% of its workforce, reportedly targeting management cuts as it changes to fit a “dynamic marketplace”

A cross-platform Markdown note-taking application

A cross-platform Markdown note-taking application

AI Assistant Demo & Tips for Enterprise Projects

Celebrating Global Accessibility Awareness Day (GAAD)

Intel’s latest Arc graphics driver is ready for DOOM: The Dark Ages, launching for Premium Edition owners on PC today

Intel’s latest Arc graphics driver is ready for DOOM: The Dark Ages, launching for Premium Edition owners on PC today

NVIDIA’s drivers are causing big problems for DOOM: The Dark Ages, but some fixes are available

Capcom breaks all-time profit records with 10% income growth after Monster Hunter Wilds sold over 10 million copies in a month

CVE-2025-46726 – Langroid XMLToolMessage XML External Entity (XXE) Denial of Service (DoS) and Local File Information Exposure

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-4732 – TOTOLINK A3002R/A3002RU HTTP POST Request Handler Buffer Overflow

Smart Data & AI Summit Saudi Arabia 2024

CVE-2025-3968 – Codeprojects News Publishing Site Dashboard SQL Injection Vulnerability

Brisa 0.1.7 Release notes

DeaDBeeF 1.10 Release Brings New Features

Gmail’s new button makes using Gemini to reply to emails on Android a breeze

Blast-RADIUS Vulnerability Affects Widely-Used RADIUS Authentication Protocol

Top remortgage Adviser & Broker in Leeds | Remortgage Advice Leeds

CVE-2025-37782 – Linux HFS slub Out-of-Bounds Write

CVE-2025-46726 – Langroid XMLToolMessage XML External Entity (XXE) Denial of Service (DoS) and Local File Information Exposure

Related Posts