CVE-2025-6985: 
Python vulnerability analysis and mitigation

The HTMLSectionSplitter class in langchain-text-splitters version 0.3.8 has been identified with a critical XML External Entity (XXE) vulnerability (CVE-2025-6985), discovered and disclosed on October 6, 2025. This vulnerability affects systems using the langchain-text-splitters library with custom XSLT functionality enabled (NVD).

The vulnerability stems from unsafe XSLT parsing in the HTMLSectionSplitter class. The issue arises because the class allows arbitrary XSLT stylesheets to be parsed using lxml.etree.parse() and lxml.etree.XSLT() without proper security measures. In lxml versions up to 4.9.x, external entities are resolved by default, while in versions 5.0 and above, the XSLT document() function can still read any URI unless XSLTAccessControl is applied. The vulnerability has been assigned a CVSS v3.0 base score of 7.5 (High) with the vector string CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (NVD, Miggo).

This vulnerability enables remote attackers to gain read-only access to any file that the LangChain process can reach. This includes sensitive files such as SSH keys, environment files, source code, and cloud metadata. The impact is particularly severe as it requires no authentication, special privileges, or user interaction for exploitation (NVD).

A patch has been released in version 1.0.0a1 of langchain-text-splitters to address this vulnerability. Users are strongly advised to upgrade to this version or later (Miggo).