package

PyPI / langsmith

pkg:pypi/langsmith

MEDIUM 5.3 npm PyPI

LangSmith SDK: Streaming token events bypass output redaction

Modified: 5/6/2026

MEDIUM 5.8 PyPI npm

LangSmith Client SDK Affected by Server-Side Request Forgery via Tracing Header Injection

Modified: 2/22/2026

HIGH 7.1 PyPI npm

LangSmith SDK: Public prompt pull deserializes untrusted manifests without trust boundary warning

Modified: 6/9/2026