{"id":"ECHO-8479-4c4c-18a0","upstream":["CVE-2026-40087","GHSA-926x-3r5x-gfhw"],"severity":[],"modified":"2026-07-01T13:02:23.107Z","affected":[{"package":{"ecosystem":"Echo:PyPi","name":"langchain-core","purl":"pkg:pypi/langchain-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.3.84"}]}]}],"references":[{"type":"WEB","url":"https://advisory.echohq.com/cve/CVE-2026-40087"},{"type":"WEB","url":"https://github.com/advisories/GHSA-926x-3r5x-gfhw"}]}