A vulnerability marked as problematic has been reported in langchain-ai langsmith-sdk up to 0.5.17 . Affected is the function Set . The manipulation leads to improperly controlled modification of object prototype attributes. This vulnerability is uniquely identified as CVE-2026-40190 . The attack is possible to be carried out remotely. No exploit exists. It is suggested to upgrade the affected component.