Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Github Security Blog
Github Security Blogadded 2026/02/25 10:59 p.m.6 views

LangGraph: BaseCache Deserialization of Untrusted Data may lead to Remote Code Execution

Context A Remote Code Execution vulnerability exists in LangGraph's caching layer when applications enable cache backends that inherit from BaseCache and opt nodes into caching via CachePolicy. Prior to langgraph-checkpoint 4.0.0, BaseCache defaults to JsonPlusSerializerpicklefallback=True. When...

6.6CVSS6.7AI score0.00698EPSS
Exploits0References6Affected Software1
EUVD
EUVDadded 2026/02/25 10:59 p.m.4 views

EUVD-2026-8696

LangGraph: BaseCache Deserialization of Untrusted Data may lead to Remote Code Execution...

6.6CVSS5.5AI score0.00698EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/02/25 8:17 p.m.5 views

CVE-2026-27794

A flaw was found in LangGraph Checkpoint. This vulnerability allows a remote attacker with write access to the cache backend to achieve remote code execution. This occurs when applications enable cache backends that inherit from BaseCache and opt nodes into caching via CachePolicy. If msgpack...

6.6CVSS6.5AI score0.00698EPSS
Exploits0References7
Vulnrichment
Vulnrichmentadded 2026/02/25 4:53 p.m.4 views

CVE-2026-27794 LangGraph: BaseCache Deserialization of Untrusted Data may lead to Remote Code Execution

LangGraph Checkpoint defines the base interface for LangGraph checkpointers. Prior to version 4.0.0, a Remote Code Execution vulnerability exists in LangGraph's caching layer when applications enable cache backends that inherit from BaseCache and opt nodes into caching via CachePolicy. Prior to...

6.6CVSS5.8AI score0.00698EPSS
Exploits0References4
CVE
CVEadded 2026/02/25 4:53 p.m.53 views

CVE-2026-27794

LangGraph CVE-2026-27794 affects the Checkpoint component prior to version 4.0.0 where the BaseCache default serializer (JsonPlusSerializer with pickle_fallback) can deserialize attacker-supplied bytes from a cache backend if the application enables caching and nodes opt into CachePolicy. An atta...

6.6CVSS5.8AI score0.00698EPSS
Exploits0References4
OSV
OSVadded 2026/02/25 4:53 p.m.3 views

CVE-2026-27794 LangGraph: BaseCache Deserialization of Untrusted Data may lead to Remote Code Execution

LangGraph Checkpoint defines the base interface for LangGraph checkpointers. Prior to version 4.0.0, a Remote Code Execution vulnerability exists in LangGraph's caching layer when applications enable cache backends that inherit from BaseCache and opt nodes into caching via CachePolicy. Prior to...

6.6CVSS5.9AI score0.00698EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/02/25 12:0 a.m.5 views

PT-2026-21967

Name of the Vulnerable Software and Affected Versions LangGraph versions prior to 4.0.0 Description A Remote Code Execution issue exists in LangGraph's caching layer when applications enable cache backends inheriting from BaseCache and opt nodes into caching via CachePolicy. Prior to version 4.0....

6.6CVSS5.6AI score0.00698EPSS
Exploits0References13
Veracode
Veracodeadded 2021/11/11 8:49 a.m.22 views

Directory Traversal

github.com/cloudflare/cfrpki is vulnerable to directory traversal. The vulnerability exists due to a lack of sanitization of the URI filename, allowing an attacker to create a file on the disk outside the base cache folder...

9.8CVSS4.3AI score0.04065EPSS
Exploits0References5Affected Software2
Rows per page
Query Builder