langchain
pypiv1.2.16Building applications with LLMs through composability
License MITpermissive487 versions20 deps55,074,546 weekly dl
langchain-ai/langchain85
/ 100
Health
do not use
langchain has critical vulnerabilities — do not use
Update to >= 2.8.5 to fix known vulnerabilities
- 1 critical vulnerabilities
Health breakdown0 – 100
25/25
maintenance
20/20
popularity
15/25
security
15/15
maturity
10/15
community
Vulnerabilities
1
1 critical
Advisories (1)
| Severity | ID | Summary | Fixed in |
|---|---|---|---|
| critical | CVE-2023-39631 | Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr library | 2.8.5 |
OSS Scorecard
OpenSSF security posture score
6.4/10
moderate
Maintainer trust
Active maintainers (3m)
9
Contributors (12m)
9
Primary author dominance
43%
GitHub stars
134,405
Quality signals
OSS Criticality
0.51high
Download trend
stable(0%)
Health History
Dependency Tree
License Audit
Dependencies (20)
langchain-corelanggraphpydanticlangchain-anthropic;langchain-aws;langchain-azure-ai;langchain-basetenlangchain-community;langchain-deepseek;langchain-fireworks;langchain-google-genai;langchain-google-vertexai;langchain-groq;langchain-huggingface;langchain-mistralai;langchain-ollama;langchain-openai;langchain-perplexity;langchain-together;langchain-xai;
API access
Get this data programmatically — free, no authentication.
curl https://depscope.dev/api/check/pypi/langchainLast updated · 2026-04-29T21:02:42.779465Z