4 matches found
CVE-2026-27022
@langchain/langgraph-checkpoint-redis is the Redis checkpoint and store implementation for LangGraph. A query injection vulnerability exists in the @langchain/langgraph-checkpoint-redis package's filter handling. The RedisSaver and ShallowRedisSaver classes construct RediSearch queries by directl...
CVE-2026-27022 RediSearch Query Injection in @langchain/langgraph-checkpoint-redis
@langchain/langgraph-checkpoint-redis is the Redis checkpoint and store implementation for LangGraph. A query injection vulnerability exists in the @langchain/langgraph-checkpoint-redis package's filter handling. The RedisSaver and ShallowRedisSaver classes construct RediSearch queries by directl...
CVE-2026-27022
CVE-2026-27022 affects the LangGraph Redis checkpoint implementation in the package @langchain/langgraph-checkpoint-redis. The RedisSaver and ShallowRedisSaver construct RediSearch queries by directly interpolating user-provided filter keys and values without proper escaping, allowing injection o...
PT-2026-21300
Name of the Vulnerable Software and Affected Versions @langchain/langgraph-checkpoint-redis versions prior to 1.0.2 Description A query injection issue exists in the RedisSaver and ShallowRedisSaver classes of the @langchain/langgraph-checkpoint-redis package. These classes build RediSearch queri...