CVE-2025-6985: 
Python vulnerability analysis and mitigation

The HTMLSectionSplitter class in langchain-text-splitters version 0.3.8 contains an XML External Entity (XXE) vulnerability (CVE-2025-6985) discovered on October 6, 2025. This vulnerability affects the default deployments that enable custom XSLT functionality (NVD, Red Hat).

The vulnerability arises from unsafe XSLT parsing where the class allows the use of arbitrary XSLT stylesheets, which are parsed using lxml.etree.parse() and lxml.etree.XSLT() without proper hardening measures. In lxml versions up to 4.9.x, external entities are resolved by default, while in lxml versions 5.0 and above, although entity expansion is disabled, the XSLT document() function can still read any URI unless XSLTAccessControl is applied. The vulnerability has been assigned a CVSS v3.0 base score of 7.5 (High) with vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (NVD).

This vulnerability allows remote attackers to gain read-only access to any file the LangChain process can reach, including sensitive files such as SSH keys, environment files, source code, or cloud metadata. The attack requires no authentication, special privileges, or user interaction (NVD).

According to Red Hat's security advisory, mitigation options for this issue are either not available or do not meet their Product Security criteria for ease of use, deployment, and applicability to widespread installation base or stability (Red Hat).