764 matches found

NVD
added 2025/12/11 12:16 a.m. | 6 views

CVE-2025-67644

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB (both sync and async, via aiosqlite). Versions 3.0.0 and below are vulnerable to SQL injection through the checkpoint implementation. Checkpoint allows attackers to manipulate SQL queries through...

7.8 CVSS | 0.00022 EPSS
Exploits 2 | References 2
Snyk
added 2025/12/10 11:58 p.m. | 4 views

SQL Injection

Overview: langgraph-checkpoint-sqlite is a library with a SQLite implementation of LangGraph checkpoint saver. Affected versions of this package are vulnerable to SQL Injection via the _metadata_predicate function. An attacker can execute arbitrary SQL commands by supplying crafted metadata filter...

8.5 CVSS | 6.3 AI score | 0.00022 EPSS
Exploits 2 | References 2
vulnersOsv
added 2025/12/10 11:58 p.m. | 0 views

langgraph-agent-toolkit (>=0.8.0 <=0.8.15) potentially affected by CVE-2025-67644 via langgraph-checkpoint-sqlite (=3.0.0)

langgraph-checkpoint-sqlite PYPI version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on langgraph-checkpoint-sqlite and may be impacted: langgraph-agent-toolkit >=0.8.0, <=0.8.15. Source cves: CVE-2025-67644. Source advisory:...

7.8 CVSS | 6 AI score | 0.00022 EPSS
Exploits 2
Vulnrichment
added 2025/12/10 11:37 p.m. | 4 views

CVE-2025-67644 LangGraph SQLite Checkpoint is vulnerable to SQL Injection via metadata filter key in checkpointer list method

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB (both sync and async, via aiosqlite). Versions 3.0.0 and below are vulnerable to SQL injection through the checkpoint implementation. Checkpoint allows attackers to manipulate SQL queries through...

7.3 CVSS | 7.4 AI score | 0.00022 EPSS
Exploits 2 | References 2
CVE
added 2025/12/10 11:37 p.m. | 22 views

CVE-2025-67644

LangGraph SQLite Checkpoint (langgraph-checkpoint-sqlite) is vulnerable to SQL injection in the _metadata_predicate() path, where unvalidated metadata filter keys are interpolated into SQL. Affected versions are 3.0.0 and earlier; fixed in 3.0.1. The issue allows attackers controlling filter keys...

7.8 CVSS | 7.4 AI score | 0.00022 EPSS
Exploits 2 | References 2 | Affected Software 1
OSV
added 2025/12/10 11:37 p.m. | 6 views

CVE-2025-67644 LangGraph SQLite Checkpoint is vulnerable to SQL Injection via metadata filter key in checkpointer list method

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB (both sync and async, via aiosqlite). Versions 3.0.0 and below are vulnerable to SQL injection through the checkpoint implementation. Checkpoint allows attackers to manipulate SQL queries through...

7.3 CVSS | 7.8 AI score | 0.00022 EPSS
Exploits 2 | References 4
OSV
added 2025/12/10 12:2 a.m. | 3 views

GHSA-9RWJ-6RC7-P77C LangGraph's SQLite is vulnerable to SQL injection via metadata filter key in SQLite checkpointer list method

Context: A SQL injection vulnerability exists in LangGraph's SQLite checkpoint implementation that allows attackers to manipulate SQL queries through metadata filter keys. This affects applications that accept untrusted metadata filter keys (not just filter values) in checkpoint search operations...

7.3 CVSS | 6.2 AI score | 0.00022 EPSS
Exploits 2 | References 4
Snyk
added 2025/12/10 12:2 a.m. | 1 views

SQL Injection

Overview: langgraph-checkpoint-sqlite is a library with a SQLite implementation of LangGraph checkpoint saver. Affected versions of this package are vulnerable to SQL Injection due to untrusted metadata filter keys being directly used in SQL queries without proper validation. An attacker can acces...

8.2 CVSS | 7.7 AI score
Exploits 0 | References 2
vulnersOsv
added 2025/12/10 12:2 a.m. | 3 views

langgraph-agent-toolkit (>=0.8.0 <=0.8.15) potentially affected by unknown CVE via langgraph-checkpoint-sqlite (=3.0.0)

langgraph-checkpoint-sqlite PYPI version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on langgraph-checkpoint-sqlite and may be impacted: langgraph-agent-toolkit >=0.8.0, <=0.8.15. Source cves: unknown CVE. Source advisory:...

5.8 AI score
Exploits 0
vulnersOsv
added 2025/12/10 12:2 a.m. | 6 views

a-mailx (=0.1.0), ai-security-analyzer (>=0.0.45 <=0.0.55) +16 more potentially affected by CVE-2025-67644 via langgraph-checkpoint-sqlite (>=1.0.4 <=3.0.0)

langgraph-checkpoint-sqlite PYPI version =1.0.4, =0.0.45, =0.1.0a2, =0.4.3, =0.1.0a1, =0.0.2, =0.1.0, =0.1.0, =0.1.0, =0.1.14 - my-agent =0.1.0 - novachain =0.1.0 - paper-sage =1.0.5 and more Source cves: CVE-2025-67644 Source advisory: OSV:GHSA-9RWJ-6RC7-P77C...

7.8 CVSS | 6 AI score | 0.00022 EPSS
Exploits 2
Github Security Blog
added 2025/12/10 12:2 a.m. | 18 views

LangGraph's SQLite is vulnerable to SQL injection via metadata filter key in SQLite checkpointer list method

Context: A SQL injection vulnerability exists in LangGraph's SQLite checkpoint implementation that allows attackers to manipulate SQL queries through metadata filter keys. This affects applications that accept untrusted metadata filter keys (not just filter values) in checkpoint search operations...

7.8 CVSS | 8.5 AI score | 0.00022 EPSS
Exploits 2 | References 4 | Affected Software 1
Positive Technologies
added 2025/12/10 12:0 a.m. | 6 views

PT-2025-50558

Name of the Vulnerable Software and Affected Versions: LangGraph versions 3.0.0 and below. Description: The LangGraph SQLite Checkpoint component, used for saving data with SQLite databases, has a flaw. Versions 3.0.0 and below are susceptible to SQL injection. This occurs because the metadata...

7.8 CVSS | 6.1 AI score | 0.00022 EPSS
Exploits 2 | References 13
OpenVAS
added 2025/12/02 12:0 a.m. | 1 views

Ubuntu: Security Advisory (USN-7900-1)

The remote host is missing an update for the...

7.5 CVSS | 7.8 AI score | 0.00068 EPSS
Exploits 0 | References 3
Positive Technologies
added 2025/12/01 12:0 a.m. | 3 views

PT-2025-48584

Name of the Vulnerable Software and Affected Versions: Tencent TFace (affected versions not specified). Description: The software contains a flaw in the restore checkpoint function due to insufficient validation of user-supplied data, leading to deserialization of untrusted data. This allows remote...

7.8 CVSS | 7.8 AI score | 0.00979 EPSS
Exploits 0 | References 4
Positive Technologies
added 2025/12/01 12:0 a.m. | 4 views

PT-2025-48581

Name of the Vulnerable Software and Affected Versions: Tencent PatrickStar (affected versions not specified). Description: A flaw exists in Tencent PatrickStar that allows remote attackers to execute arbitrary code. User interaction is required, specifically the target must visit a malicious page or...

7.8 CVSS | 7.7 AI score | 0.01552 EPSS
Exploits 0 | References 4
Positive Technologies
added 2025/12/01 12:0 a.m. | 3 views

PT-2025-48583

Name of the Vulnerable Software and Affected Versions: Tencent NeuralNLP-NeuralClassifier (affected versions not specified). Description: A flaw exists within the load checkpoint function that allows remote attackers to execute arbitrary code on affected installations. The issue stems from insufficien...

7.8 CVSS | 7.9 AI score | 0.01552 EPSS
Exploits 0 | References 4
Malwarebytes
added 2025/11/17 5:18 p.m. | 6 views

The price of ChatGPT’s erotic chat? $20/month and your identity

To talk dirty to ChatGPT, you may soon have to show it your driver’s license. OpenAI announced last month that ChatGPT will soon offer erotica—but only for verified adults. That sounds like a clever guardrail until you realize what “verified” might mean: uploading government identification to a...

6.6 AI score
Exploits 0
RedhatCVE
added 2025/11/10 6:12 a.m. | 3 views

CVE-2025-64439

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB (both sync and async, via aiosqlite). In versions 2.1.2 and below, the JsonPlusSerializer used as the default serialization protocol for all checkpointing contains a Remote Code Execution (RCE)...

7.4 CVSS | 7.2 AI score | 0.01261 EPSS
Exploits 0 | References 1
EUVD
added 2025/11/07 8:15 p.m. | 4 views

EUVD-2025-37934

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB (both sync and async, via aiosqlite). In versions 2.1.2 and below, the JsonPlusSerializer used as the default serialization protocol for all checkpointing contains a Remote Code Execution (RCE)...

7.4 CVSS | 6.7 AI score | 0.01261 EPSS
Exploits 0 | References 6
CVE
added 2025/11/07 8:15 p.m. | 50 views

CVE-2025-64439

CVE-2025-64439: LangGraph SQLite Checkpoint uses JsonPlusSerializer (default for all checkpointing) with a potential RCE when deserializing payloads saved in the json mode. Prior to 3.0.0, if Unicode surrogate values caused serialization to fail, it could fall back to json, enabling deserializat...

7.4 CVSS | 6.8 AI score | 0.01261 EPSS
Exploits 0 | References 4