LangChain has released langchain-core==1.2.30, a minor version bump over 1.2.29 with one change worth paying attention to: hardened protections against Server-Side Request Forgery (SSRF) attacks in the library's private utilities.
What's new
The release contains two commits: a version bump and a security-focused hardening of internal SSRF utilities, ported from PR #36768 into the release branch via #36769. SSRF vulnerabilities allow attackers to coerce a server into making unintended requests to internal or external resources — a real risk in agentic frameworks that routinely fetch URLs, hit APIs, and chain external calls together.
Why it matters
LangChain sits in a lot of production pipelines. Agentic and RAG applications built on langchain-core are exactly the kind of workloads where SSRF exposure is non-trivial — if user-controlled input can influence outbound requests, a weak SSRF guard is a liability. Hardening these utilities, even in a point release, is the right call.
What to watch
The fix is tagged as a port, suggesting the patch originated elsewhere and was backported here. Teams running langchain-core in any environment where LLM agents can trigger network requests should update. No CVE is referenced in the release notes, but the nature of the change warrants treating it as a security update regardless.