LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents

Cybersecurity researchers have disclosed a now-patched security flaw in LangChain's LangSmith platform that could be exploited to capture sensitive data, including API keys and user prompts. The vulnerability, which carries a CVSS score of 8.8 out of a maximum of 10.0, has been codenamed AgentSmith by Noma Security. LangSmith is an observability and evaluation platform that allows users to

Read more https://thehackernews.com/2025/06/langchain-langsmith-bug-let-hackers.html