a-mailx (=0.1.0), a2a-client-handler (=0.1.0) +432 more potentially affected by CVE-2026-28277 via langgraph (>=0.1.15 <=1.0.10)

langgraph PYPI version =0.1.15, =0.1.5, =0.1.0, =0.1.1, =0.1.1, =0.0.1, =2.1.7, =0.0.2, =0.0.1, =0.1.1, =0.1.2, =0.0.4, =0.5.5 and more Source cves: CVE-2026-28277 Source advisory: OSV:PYSEC-2026-83...

langgraph 代码问题漏洞

langgraph is a large modeling framework open-sourced by LangChain. A code issue vulnerability exists in langgraph version 2.1.2 and below, which stems from a remote code execution vulnerability in JsonPlusSerializer when deserializing payloads saved in json mode...

deepagents (=0.0.12rc3), gradient-adk (>=0.0.3 <=0.1.9) +2 more potentially affected by CVE-2025-64439 via langgraph (>=1.0.0 <=1.0.0a4)

langgraph PYPI version =1.0.0, =0.0.3, =0.1.9 - langchain =1.0.0a10 - novachain =0.1.0 Source cves: CVE-2025-64439 Source advisory: SNYK:PYTHON-LANGGRAPH-13843663...