A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even influence large language model (LLM) responses through prompt injection.
LangChain Core (i.e., langchain-core) is a core Python package that’s part of the LangChain ecosystem, providing the core interfaces and model-agnostic abstractions for building applications powered by LLMs.
The vulnerability, tracked as CVE-2025-68664, carries a CVSS score of 9.3 out of 10.0. Security researcher Yarden Porat has been credited with reporting the vulnerability on December 4, 2025. It has been codenamed LangGrinch.
“A serialization injection vulnerability exists in LangChain’s dumps() and dumpd() functions,” the project maintainers said in an advisory. “The functions do not escape dictionaries with ‘lc’ keys when serializing free-form dictionaries.”
“The ‘lc’ key is used internally by LangChain to mark serialized objects. When user-controlled data contains this key structure, it is treated as a legitimate LangChain object during deserialization rather than plain user data.”
According to Cyata researcher Porat, the crux of the problem has to do with the two functions failing to escape user-controlled dictionaries containing “lc” keys. The “lc” marker represents LangChain objects in the framework’s internal serialization format.
“So once an attacker is able to make a LangChain orchestration loop serialize and later deserialize content including an ‘lc’ key, they would instantiate an unsafe arbitrary object, potentially triggering many attacker-friendly paths,” Porat said.
This could have various outcomes, including secret extraction from environment variables when deserialization is performed with “secrets_from_env=True” (previously set by default), instantiating classes within pre-approved trusted namespaces, such as langchain_core, langchain, and langchain_community, and potentially even leading to arbitrary code execution via Jinja2 templates.
What’s more, the escaping bug enables the injection of LangChain object structures through user-controlled fields like metadata, additional_kwargs, or response_metadata via prompt injection.
The patch released by LangChain introduces new restrictive defaults in load() and loads() by means of an allowlist parameter “allowed_objects” that allows users to specify which classes can be serialized/deserialized. In addition, Jinja2 templates are blocked by default, and the “secrets_from_env” option is now set to “False” to disable automatic secret loading from the environment.
The following versions of langchain-core are affected by CVE-2025-68664 –
It’s worth noting that there exists a similar serialization injection flaw in LangChain.js that also stems from not properly escaping objects with “lc” keys, thereby enabling secret extraction and prompt injection. This vulnerability has been assigned the CVE identifier CVE-2025-68665 (CVSS score: 8.6).
It impacts the following npm packages –
@langchain/core >= 1.0.0,
@langchain/core
langchain >= 1.0.0,
langchain
In light of the criticality of the vulnerability, users are advised to update to a patched version as soon as possible for optimal protection.
“The most common attack vector is through LLM response fields like additional_kwargs or response_metadata, which can be controlled via prompt injection and then serialized/deserialized in streaming operations,” Porat said. “This is exactly the kind of ‘AI meets classic security’ intersection where organizations get caught off guard. LLM output is an untrusted input.”
Kennedy Center president Richard Grenell lambasted a performer’s decision to cancel an annual Christmas Eve jazz concert, following the addition of President Donald Trump’s name to the Washington, DC, arts venue.
In a letter, first obtained and published by the Associated Press on Friday, Grenell sharply criticizes jazz artist Chuck Redd’s actions and praises Trump for his leadership as the center’s chairman — a role the president’s handpicked board elected him to early in his second term after he ousted his predecessor.
“Your decision to withdraw at the last moment—explicitly in response to the Center’s recent renaming, which honors President Trump’s extraordinary efforts to save this national treasure—is classic intolerance and very costly to a non-profit Arts institution,” Grenell, a longtime Trump confidant, wrote on letterhead bearing the new “Trump Kennedy Center” logo.
Redd told CNN on Wednesday that he canceled the holiday jazz concert, which he has hosted for nearly two decades, after seeing the board’s move to rename the building last week.
“I’ve been performing at the Kennedy Center since the beginning of my career and I was saddened to see this name change,” Redd said.
Grenell goes on to fault Redd for financial fallout relating to what he called a “political stunt” and said the center will seek $1 million in damages.
CNN has reached out to Redd and the Kennedy Center for comment.
The cancelation of the free “Jazz Jam” show followed a vote by the John F. Kennedy Center for the Performing Arts’s board of trustees to rename the cultural institution for both the Democratic former president and Trump last week.
In the hours after the vote, the center updated its website and the following day installed new signage to the facade of the building bearing Trump’s name.
The move quickly sparked outrage from Kennedy family, lawmakers and patrons of the historic center, including a lawsuit from one Democratic congresswoman challenging whether the board has the authority to rename the facility, which Congress designated in 1964 as a memorial to the 35th president.
Prior to the renaming, Trump’s overhaul of the center was already raising concerns about lost revenue as both artists and audiences flee for other venues. Artists including Issa Rae, Renée Fleming, Shonda Rhimes and Ben Folds resigned from their leadership roles or canceled events at the space. And Jeffrey Seller, producer of the hit musical “Hamilton,” canceled the show’s planned run earlier this year.
This holiday season, lagging ticket sales have also impacted “The Nutcracker,” historically one of the center’s most popular events. Approximately 10,000 seats were sold for this year’s production across seven performances, compared with around 15,000 seats each in the 2021 through 2024 performances, according to internal sales data reviewed by CNN.
The Kennedy Center comped approximately five times more tickets for the performances this year than in the past four years, the data showed. And this year’s show has fallen about half a million dollars short of its $1.5 million budgeted revenue goal.
CNN’s Betsy Klein contributed to this report.
For more CNN news and newsletters create an account at CNN.com
Post-pandemic, the Las Vegas Strip went through a boom period.
People had been stuck in their homes and were eager to get back to having fun. That’s why 2022 was a record year for Las Vegas.
“Total economic output related to visitor spending reached a record $79.3 billion in 2022, a 24.7% increase from the previous record set in 2019,” according to a report from the Las Vegas Convention and Visitors Authority (LVCVA).
“Following the disproportionate impacts suffered by tourist destinations like Las Vegas during the pandemic, Las Vegas demonstrated a strong rebound as a favorite location for pent up travel demand. Visitor spending in 2022 hit an all-time high of $44.9 billion, exceeding pre-pandemic levels. Total spending by visitors in 2022 outpaced the prior year by 24.4% and the 2019 total by 21.8%,” the LVCVA shared.
Numbers remained strong through 2024, driven by events and conventions, but sentiments have been mixed about the future.
Barry Jonas, an analyst at Truist Securities, shared that mid-week and lower-tier leisure travel has been soft at the end of 2025.
“Commentary seems to be improving with a more positive outlook on (the fourth quarter) and into 2026, led by a strong event calendar. Everyone we spoke with expected record group business in the full year 2026,” Jonas wrote in a recent investor’s note. “While many operators believe Vegas (public relations) concerns may be overblown, there is an operator increasing focus on the importance of delivering more value at all price points paid for experiences.”
Data show, however, that Las Vegas’ problems run deeper than Jonas would have you believe.
“Harry Reid International Airport posted its sharpest monthly decline of 2025 in November, continuing a year‑long slide in passenger traffic that even this year’s Formula 1 Las Vegas Grand Prix couldn’t slow,” Casino.org reported.
2020: 19.0 million visitors; pandemic low due to Covid travel restrictions.
2021: 32.2 million visitors; significant rebound from 2020.
2022: 38.8 million visitors; continued recovery as tourism resumed.
2023: 40.8 million visitors; highest total since pre-pandemic, a 5.2% increase from 2022.
2024: 41.7 million visitors; modest year-over-year growth, nearing pre-pandemic levels. Sources: Vegas Primer, Casino.org
Preliminary numbers for 2025 show some weakness.
“UNLV’s Center for Business and Economic Research (CBER) projects that Las Vegas will host about 39.1 million visitors in 2025 — a decline of roughly 6% from 2024’s 41.6 million visitors, according to CasinoReviews.Net.
A big reason for the drop in visitors comes because President Donald Trump’s trade policies have discouraged some foreign visitors from coming to the United States.
“European carriers — including British Airways, Virgin Atlantic, KLM, and Aer Lingus — were flat or slightly up, posting modest gains between 0.2% and 9%. The real collapse came from Canada, historically one of Las Vegas’ most reliable international feeders,” Casino.org reported.
Data provided by Harry Reid International showed that the drop in visitors has been significant.
Las Vegas International Airport (Harry Reid) saw more than 450,000 fewer passengers in November compared to the same month last year. The total number was 4.3 million, a 9.6% drop.
That downturn outpaced October’s 8.2% decline and marked the tenth consecutive month of year‑over‑year decreases.
The last monthly increase in passengers was in January, when traffic rose a marginal 0.4%.
Year‑to‑date, Reid has processed 50.6 million passengers, down 5.5% from the same period in 2024. December’s totals will be released in late January. Source: Harry Reid International media relations
The Las Vegas Strip offers varying hotel price points.Shutterstock
As a frequent Las Vegas Strip visitor, until this year, I have noticed that prices have gone up. Resorts now charge for parking, and restaurants seem to have cut portions and raised prices.
It was eye-opening to pay nearly $12 on the Strip for the same Starbucks latte I buy for under $5.50 at home. And, while rooms comps even for mid-tier gamblers remain good, many other perks, such as free meals, pool cabanas, and show tickets, have become scarce.
Nate Silver, the famed data wrangler who wrote a book on Las Vegas titled “On the Edge: The Art of Risking Everything,” shared his thoughts on Las Vegas in a recent post to his website.
“Las Vegas is at its best when it creates a feeling of abundance. Vegas gamblers are famous for burning the candle at both ends. But if at every interface you feel put out — the rooms are overbudget, the food is expensive, and the odds you face at the tables are tilted even further against you — you might reconsider your next trip,” he wrote.
“A cup of regular coffee costing $6 or $7 (after coffee makers were removed from hotel rooms), domestic beers going for $10 or more, cocktails made with well liquor being sold for $25 and up, or fast-food and soft drink combos that exceed $30 a person are just a few examples of uncomfortable price points often cited by visitors,” the paper shared.
Gambling odds have also gotten worse for players.
“Gamblers point to less-than-favorable gaming conditions, such as 6:5 blackjack, triple-zero roulette or $25 table game minimums during slower times of the day as reasons to avoid certain casinos,” it added.
More Travel:
Las Vegas has been taking some steps to address this.
“I think it’s clear that value has been a concern on the part of some of our customers,” LVCVA CEO Steve Hill said during a press conference. “We’re aware of that. The resorts are aware of that.”
Caesars CEO Thomas Reeg addressed the pricing and value question during his company’s third-quarter earnings call.
“On the pricing question, we price hundreds, thousands of items across Vegas every day from, obviously, rooms and restaurants to ATM fees to everything that you purchase in Vegas. And we’re constantly adjusting them, ” he said.
The CEO did admit that his company could make mistakes, but he defended its overall policies.
“And I don’t discount that there are areas in our business and in Las Vegas that might have gotten over their skis pricing-wise. But to put [it] in context, you know, we’re in a quarter where while we’re talking about pricing and degradation to demand, our occupancy percentage was over 90% in the quarter,” he added.
Las Vegas, he pointed out, serves a wide variety of audiences.
“So you know, there’s a value trade in Vegas. What’s great about Vegas is there’s something for everybody. Sean McBurney, our regional president out here, who does such a fantastic job, uses the example of you can come see Paul McCartney and pay $500 plus a ticket the same weekend that you’re gonna see you can see Donnie Osmond for $60. So there’s something at every price point,” he added.
MGM Resorts International CEO William Hornbuckle also addressed pricing during his company’s third-quarter earnings call.
“Of course, that growth ebbs and flows over shorter measurements of time, and this summer, we heard from some of our guests around a value in Las Vegas, and we responded by making adjustments to ensure a rationalized premium value experience across all of our properties. We also partnered with a destination on a fabulous five-day sale during which we sold over 300,000 room nights, nearly doubling our typical pace, reflecting the strong demand that exists for our experiences,” he said.
