
Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
CVE-2025-46726 affects Langroid, a framework for building large-language-model-powered applications. Prior to version 0.53.4, applications using the XMLToolMessage class were vulnerable to untrusted XML input processing that could lead to Denial of Service (DoS) attacks and potential exposure of sensitive information through local file access. The vulnerability was discovered and disclosed on May 5, 2025, and has been patched in version 0.53.4 (GitHub Advisory).
The vulnerability stems from the unsafe use of the lxml library in the XMLToolMessage class. The implementation used an XMLParser without proper safeguards, making it vulnerable to XML External Entity (XXE) attacks. The vulnerable code in the XMLToolMessage class initialized the parser without security controls: parser = etree.XMLParser(strip_cdata=False). The vulnerability has been assigned a CVSS v4.0 score of 7.8 (HIGH) with the vector string CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P and is classified as CWE-611 (Improper Restriction of XML External Entity Reference) (NVD).
The vulnerability could allow attackers to perform denial of service attacks through quadratic blowup attacks and potentially access sensitive local files through XML external entity processing. For example, a malicious XML payload could cause exponential memory usage by expanding entities recursively, potentially crashing the application (GitHub Advisory).
The vulnerability has been fixed in Langroid version 0.53.4. The fix includes initializing the XMLParser with flags to prevent XML External Entity (XXE), billion laughs, and external DTD attacks by disabling entity resolution, DTD loading, and network access. Users are advised to upgrade to version 0.53.4 or later (GitHub Advisory).
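The following is an added example, not Langroid's own code: it places the parser line quoted above beside the hardened configuration the fix describes (entity resolution, DTD loading and network access disabled) and shows the effect on a small constructed nested-entity payload. The function names and the payload are constructed for illustration.

```python
"""Vulnerable vs hardened lxml parser configuration for tool-call XML.

Added example, not Langroid's code. The payload below is a deliberately
tiny nested-entity document (3 levels, width 4 = 64 characters) used only
to show that the hardened parser leaves entities unexpanded.
"""
from lxml import etree

# Constructed sample input: each entity references the previous one four times.
NESTED_ENTITY_XML = b"""<?xml version="1.0"?>
<!DOCTYPE tool [
  <!ENTITY a "xxxx">
  <!ENTITY b "&a;&a;&a;&a;">
  <!ENTITY c "&b;&b;&b;&b;">
]>
<tool><arg>&c;</arg></tool>"""


def vulnerable_parser() -> etree.XMLParser:
    """The configuration named in the advisory: only strip_cdata is set,
    so lxml keeps its default behaviour of substituting entities."""
    return etree.XMLParser(strip_cdata=False)


def hardened_parser() -> etree.XMLParser:
    """Configuration matching the fix description: no entity substitution,
    no external DTD loading, no network access. huge_tree is left at its
    default (False) so libxml2's built-in size limits stay in force."""
    return etree.XMLParser(
        strip_cdata=False,
        resolve_entities=False,
        load_dtd=False,
        no_network=True,
    )


def parse_arg(xml: bytes, parser: etree.XMLParser) -> bytes:
    """Parse a tool message and return the serialised <arg> element.
    With the hardened parser the entity reference survives as '&c;'
    instead of being expanded into the element text."""
    root = etree.fromstring(xml, parser)
    return etree.tostring(root.find("arg"), with_tail=False)


def expansion_size(xml: bytes, parser: etree.XMLParser) -> int:
    """Bytes occupied by <arg> after parsing: the ratio between the two
    parsers is the blowup factor an attacker-controlled DOCTYPE buys."""
    return len(parse_arg(xml, parser))


if __name__ == "__main__":
    for name, p in (("vulnerable", vulnerable_parser()), ("hardened", hardened_parser())):
        print(name, expansion_size(NESTED_ENTITY_XML, p), parse_arg(NESTED_ENTITY_XML, p)[:40])
```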
Source: This report was generated using AI