104 matches found

CNNVD
added 2026/02/25 12:0 a.m., 3 views

langgraph code issue vulnerability

Langgraph is a large-scale model framework developed by LangChain. Versions of Langgraph prior to 4.0.0 had code-related vulnerabilities. These vulnerabilities stemmed from the caching layer’s ability to deserialize cached values using pickle.loads when msgpack serialization fails, potentially...

CVSS 6.6 | AI score 7.6 | EPSS 0.00698
Exploits: 0 | References: 4
Positive Technologies
added 2026/02/25 12:0 a.m., 5 views

PT-2026-21967

Name of the Vulnerable Software and Affected Versions: LangGraph versions prior to 4.0.0. Description: A Remote Code Execution issue exists in LangGraph's caching layer when applications enable cache backends inheriting from BaseCache and opt nodes into caching via CachePolicy. Prior to version 4.0....

CVSS 6.6 | AI score 5.6 | EPSS 0.00698
Exploits: 0 | References: 13
GithubExploit
added 2026/02/22 11:28 p.m., 519 views

Exploit for CVE-2025-67644

CVE-2025-67644 PoC – LangGraph SQLite Checkpoint SQL Injection...

CVSS 7.3 | AI score 6.2 | EPSS 0.00237
Exploits: 2
Cvelist
added 2026/02/20 9:6 p.m., 21 views

CVE-2026-27022 RediSearch Query Injection in @langchain/langgraph-checkpoint-redis

@langchain/langgraph-checkpoint-redis is the Redis checkpoint and store implementation for LangGraph. A query injection vulnerability exists in the @langchain/langgraph-checkpoint-redis package's filter handling. The RedisSaver and ShallowRedisSaver classes construct RediSearch queries by directl...

CVSS 6.5 | EPSS 0.0444
Exploits: 0 | References: 4
vulnersOsv
added 2026/02/18 10:40 p.m., 3 views

@langgraph-js/pure-graph (>=1.3.0 <=1.5.3), @langgraph-js/sdk (>=3.0.0 <=3.1.0) +1 more potentially affected by CVE-2026-27022 via @langchain/langgraph-checkpoint-redis (=0.0.2)

@langchain/langgraph-checkpoint-redis NPM version =0.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on @langchain/langgraph-checkpoint-redis and may be impacted: - @langgraph-js/pure-graph =1.3.0, =3.0.0, =3.0.0, =3.0.1 Source cves: CVE-2026-27022...

CVSS 6.5 | AI score 5.8 | EPSS 0.0444
Exploits: 0
Veracode
added 2025/12/13 7:39 a.m., 9 views

SQL Injection

LangGraph SQLite Checkpoint is vulnerable to SQL injection. The vulnerability is due to unsafe construction of SQL queries using unvalidated metadata filter keys, where attacker-controlled keys are interpolated directly into SQL f-strings in the checkpoint search logic, allowing manipulation of...

CVSS 7.8 | AI score 7.6 | EPSS 0.00237
Exploits: 2 | References: 2 | Affected Software: 1
Veracode
added 2025/12/13 7:33 a.m., 4 views

SQL Injection

langgraph-checkpoint-sqlite is vulnerable to SQL Injection. The vulnerability is due to use of direct string concatenation without proper parameterization in database queries, which allows an attacker to inject arbitrary SQL and bypass access controls...

CVSS 7.3 | AI score 7.3 | EPSS 0.00163
Exploits: 0 | References: 3 | Affected Software: 1
RedhatCVE
added 2025/12/11 11:55 p.m., 8 views

CVE-2025-67644

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. Versions 3.0.0 and below are vulnerable to SQL injection through the checkpoint implementation. Checkpoint allows attackers to manipulate SQL queries through...

CVSS 7.3 | AI score 7.9 | EPSS 0.00237
Exploits: 2 | References: 1
NVD
added 2025/12/11 12:16 a.m., 8 views

CVE-2025-67644

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. Versions 3.0.0 and below are vulnerable to SQL injection through the checkpoint implementation. Checkpoint allows attackers to manipulate SQL queries through...

CVSS 7.8 | EPSS 0.00237
Exploits: 2 | References: 2
CNNVD
added 2025/12/11 12:0 a.m., 7 views

langgraph SQL injection vulnerability

langgraph is a large modeling framework open source by LangChain. An SQL injection vulnerability exists in langgraph 3.0.0 and earlier versions, which stems from an unvalidated metadata filter key that could lead to an SQL injection attack...

CVSS 7.8 | AI score 7.5 | EPSS 0.00237
Exploits: 2 | References: 3
Snyk
added 2025/12/10 11:58 p.m., 5 views

SQL Injection

Overview: langgraph-checkpoint-sqlite is a library with a SQLite implementation of LangGraph checkpoint saver. Affected versions of this package are vulnerable to SQL Injection via the _metadata_predicate function. An attacker can execute arbitrary SQL commands by supplying crafted metadata filter...

CVSS 8.5 | AI score 6.3 | EPSS 0.00237
Exploits: 2 | References: 2
vulnersOsv
added 2025/12/10 11:58 p.m., 1 view

langgraph-agent-toolkit (>=0.8.0 <=0.8.15) potentially affected by CVE-2025-67644 via langgraph-checkpoint-sqlite (=3.0.0)

langgraph-checkpoint-sqlite PYPI version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on langgraph-checkpoint-sqlite and may be impacted: - langgraph-agent-toolkit =0.8.0, =0.8.15 Source cves: CVE-2025-67644 Source advisory:...

CVSS 7.8 | AI score 6 | EPSS 0.00237
Exploits: 2
CVE
added 2025/12/10 11:37 p.m., 67 views

CVE-2025-67644

LangGraph SQLite Checkpoint (langgraph-checkpoint-sqlite) is vulnerable to SQL injection in the _metadata_predicate() path, where unvalidated metadata filter keys are interpolated into SQL. Affected versions are 3.0.0 and earlier; fixed in 3.0.1. The issue allows attackers controlling filter keys...

CVSS 7.8 | AI score 7.4 | EPSS 0.00237
Exploits: 2 | References: 2 | Affected Software: 1
OSV
added 2025/12/10 11:37 p.m., 7 views

CVE-2025-67644 LangGraph SQLite Checkpoint is vulnerable to SQL Injection via metadata filter key in checkpointer list method

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. Versions 3.0.0 and below are vulnerable to SQL injection through the checkpoint implementation. Checkpoint allows attackers to manipulate SQL queries through...

CVSS 7.3 | AI score 7.8 | EPSS 0.00237
Exploits: 2 | References: 4
EUVD
added 2025/12/10 11:37 p.m., 9 views

EUVD-2025-202333

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. Versions 3.0.0 and below are vulnerable to SQL injection through the checkpoint implementation. Checkpoint allows attackers to manipulate SQL queries through...

CVSS 7.3 | AI score 7.3 | EPSS 0.00237
Exploits: 2 | References: 3
Cvelist
added 2025/12/10 11:37 p.m., 33 views

CVE-2025-67644 LangGraph SQLite Checkpoint is vulnerable to SQL Injection via metadata filter key in checkpointer list method

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. Versions 3.0.0 and below are vulnerable to SQL injection through the checkpoint implementation. Checkpoint allows attackers to manipulate SQL queries through...

CVSS 7.3 | EPSS 0.00237
Exploits: 2 | References: 2
Vulnrichment
added 2025/12/10 11:37 p.m., 5 views

CVE-2025-67644 LangGraph SQLite Checkpoint is vulnerable to SQL Injection via metadata filter key in checkpointer list method

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. Versions 3.0.0 and below are vulnerable to SQL injection through the checkpoint implementation. Checkpoint allows attackers to manipulate SQL queries through...

CVSS 7.3 | AI score 7.4 | EPSS 0.00237
Exploits: 2 | References: 2
vulnersOsv
added 2025/12/10 12:2 a.m., 20 views

a-mailx (=0.1.0), ai-security-analyzer (>=0.0.45 <=0.0.55) +16 more potentially affected by CVE-2025-67644 via langgraph-checkpoint-sqlite (>=1.0.4 <=3.0.0)

langgraph-checkpoint-sqlite PYPI version =1.0.4, =0.0.45, =0.1.0a2, =0.4.3, =0.1.0a1, =0.0.2, =0.1.0, =0.1.0, =0.1.0, =1.3.41 and more Source cves: CVE-2025-67644 Source advisory: OSV:GHSA-9RWJ-6RC7-P77C...

CVSS 7.8 | AI score 5.8 | EPSS 0.00237
Exploits: 2
vulnersOsv
added 2025/12/10 12:2 a.m., 4 views

langgraph-agent-toolkit (>=0.8.0 <=0.8.15) potentially affected by unknown CVE via langgraph-checkpoint-sqlite (=3.0.0)

langgraph-checkpoint-sqlite PYPI version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on langgraph-checkpoint-sqlite and may be impacted: - langgraph-agent-toolkit =0.8.0, =0.8.15 Source cves: unknown CVE Source advisory:...

AI score 5.8
Exploits: 0
Github Security Blog
added 2025/12/10 12:2 a.m., 24 views

LangGraph's SQLite is vulnerable to SQL injection via metadata filter key in SQLite checkpointer list method

Context: A SQL injection vulnerability exists in LangGraph's SQLite checkpoint implementation that allows attackers to manipulate SQL queries through metadata filter keys. This affects applications that accept untrusted metadata filter keys, not just filter values, in checkpoint search operations...

CVSS 7.8 | AI score 8.5 | EPSS 0.00237
Exploits: 2 | References: 4 | Affected Software: 1