4 matches found
CVE-2026-28277
creationtimestamp| type| source ---|---|--- 2026-06-11 16:10:14+00:00| seen| https://bsky.app/profile/boredchilada.bsky.social/post/3mnzmg7zp4z2u...
agent-nexus-cli (>=0.1.0 <=0.1.31), agentiva (>=0.1.0 <=0.1.5) potentially affected by CVE-2026-28277 via langgraph-checkpoint (>=4.0.0 <=4.0.1)
langgraph-checkpoint PYPI version =4.0.0, =0.1.0, =0.1.0, =0.1.5 Source cves: CVE-2026-28277 Source advisory: SNYK:PYTHON-LANGGRAPHCHECKPOINT-15433491...
adxp-cli (>=0.1.1 <=0.1.21), ag-ui-langgraph (>=0.0.14 <=0.0.29) +115 more potentially affected by CVE-2026-28277 via langgraph (>=1.0.0 <=1.0.10)
langgraph PYPI version =1.0.0, =0.1.1, =0.0.14, =0.0.2, =0.1.0, =0.2.1, =0.1.0, =0.1.0, =0.0.48, =0.0.54, =0.1.2, =0.1.4, =0.2.0 - chatlas-frontend =1.0.0 and more Source cves: CVE-2026-28277 Source advisory: SNYK:PYTHON-LANGGRAPH-15433492...
CVE-2026-28277
LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. In version 1.0.9 and prior, LangGraph checkpointers can load msgpack-encoded checkpoints that reconstruct Python objects during deserialization. If an attacker can...