CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

109 matches found

Positive Technologies•added 2025/11/05 12:0 a.m.•9 views

PT-2025-45384

Name of the Vulnerable Software and Affected Versions LangGraph versions 2.1.2 and below Description LangGraph’s SQLite Checkpoint, which utilizes SQLite databases for checkpoint saving, contains a Remote Code Execution RCE issue in the JsonPlusSerializer when deserializing payloads saved in "jso...

7.4CVSS8.3AI score0.00854EPSS

Exploits0References24

RedhatCVE•added 2025/10/30 7:21 p.m.•15 views

CVE-2025-64104

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. Prior to 2.0.11, LangGraph's SQLite store implementation contains SQL injection vulnerabilities using direct string concatenation without proper parameterization,...

7.3CVSS8.1AI score0.00178EPSS

Exploits0References1

vulnersOsv•added 2025/10/29 10:21 p.m.•4 views

freiburg-ris-ca (=0.1.0), katalyst (=0.9.1) +4 more potentially affected by CVE-2025-64104 via langgraph-checkpoint-sqlite (>=1.0.4 <=2.0.10)

langgraph-checkpoint-sqlite PYPI version =1.0.4, =1.0.1, =0.1.0a1, =0.1.0a24 Source cves: CVE-2025-64104 Source advisory: OSV:GHSA-7P73-8JQX-23R8...

7.3CVSS7.2AI score0.00178EPSS

Exploits0

EUVD•added 2025/10/29 10:21 p.m.•5 views

EUVD-2025-36720

LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore...

7.3CVSS7.5AI score0.00178EPSS

Exploits0References3

OSV•added 2025/10/29 10:21 p.m.•5 views

GHSA-7P73-8JQX-23R8 LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore

Summary LangGraph's SQLite store implementation contains SQL injection vulnerabilities using direct string concatenation without proper parameterization, allowing attackers to inject arbitrary SQL and bypass access controls. Details /langgraph/libs/checkpoint-sqlite/langgraph/store/sqlite/base.py...

7.3CVSS7.2AI score0.00178EPSS

Exploits0References4

NVD•added 2025/10/29 7:15 p.m.•5 views

CVE-2025-64104

7.3CVSS0.00178EPSS

Exploits0References2

OSV•added 2025/10/29 6:55 p.m.•5 views

CVE-2025-64104 LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore

7.3CVSS8.2AI score0.00178EPSS

Exploits0References4

Cvelist•added 2025/10/29 6:55 p.m.•9 views

CVE-2025-64104 LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore

7.3CVSS0.00178EPSS

Exploits0References2

Vulnrichment•added 2025/10/29 6:55 p.m.•2 views

CVE-2025-64104 LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore

7.3CVSS7.7AI score0.00178EPSS

Exploits0References2

CVE•added 2025/10/29 6:55 p.m.•13 views

CVE-2025-64104

LangGraph SQLite Checkpoint (SqliteStore) has a SQL injection vulnerability due to direct string concatenation when building JSON path-based filters. Effective prior to version 2.0.11, this flaw could allow attackers with local privileges to inject arbitrary SQL and bypass access controls. The is...

7.3CVSS7.7AI score0.00178EPSS

Exploits0References2

CNNVD•added 2025/10/29 12:0 a.m.•4 views

langchainlanggraph-checkpoint-sqlite SQL注入漏洞

langchainlanggraph-checkpoint-sqlite is an open source database connectivity Python library from LangChain. An SQL injection vulnerability exists in langchainlanggraph-checkpoint-sqlite versions prior to 2.0.11, which stems from the use of a direct string concatenation that is not properly...

7.3CVSS7.8AI score0.00178EPSS

Exploits0References3

Positive Technologies•added 2025/10/29 12:0 a.m.•5 views

PT-2025-44346

Name of the Vulnerable Software and Affected Versions LangGraph versions prior to 2.0.11 Description The LangGraph SQLite Checkpoint component, used with SQLite databases, contains SQL injection flaws. This is due to direct string concatenation without proper parameterization, which allows...

7.3CVSS7.9AI score0.00178EPSS

Exploits0References7

vulnersOsv•added 2025/10/26 6:48 a.m.•5 views

katalyst (=0.9.1), paper-sage (=1.0.5) +2 more potentially affected by CVE-2025-64104 +1 more via langgraph-checkpoint-sqlite (>=2.0.0 <=2.0.10)

langgraph-checkpoint-sqlite PYPI version =2.0.0, =1.0.1, =0.1.0a1, =0.1.0a24 Source cves: CVE-2025-64104, CVE-2025-8709 Source advisory: SNYK:PYTHON-LANGGRAPHCHECKPOINTSQLITE-13720747...

7.3CVSS7.1AI score0.00178EPSS

Exploits0

Snyk•added 2025/10/26 6:48 a.m.•4 views

SQL Injection

Overview langgraph-checkpoint-sqlite is a Library with a SQLite implementation of LangGraph checkpoint saver. Affected versions of this package are vulnerable to SQL Injection via improper handling of filter $eq, $ne, $gt, $lt, $gte, $lte operators in the LangGraph SQLite store implementation. An...

8.2CVSS7.9AI score0.00178EPSS

Exploits0References2

OSV•added 2025/10/26 6:30 a.m.•3 views

GHSA-4H97-WPXP-3757 LangGraph's SQLite store implementation has a SQL Injection Vulnerability

A SQL injection vulnerability exists in the langchain-ai/langgraph repository, specifically in the LangGraph's SQLite store implementation. The affected version is langgraph-checkpoint-sqlite 2.0.10. The vulnerability arises from improper handling of filter operators $eq, $ne, $gt, $lt, $gte, $lt...

7.3CVSS6AI score0.00162EPSS

Exploits0References6

vulnersOsv•added 2025/10/26 6:30 a.m.•3 views

freiburg-ris-ca (=0.1.0), katalyst (=0.9.1) +4 more potentially affected by CVE-2025-8709 via langgraph-checkpoint-sqlite (>=1.0.4 <=2.0.10)

langgraph-checkpoint-sqlite PYPI version =1.0.4, =1.0.1, =0.1.0a1, =0.1.0a24 Source cves: CVE-2025-8709 Source advisory: OSV:GHSA-4H97-WPXP-3757...

7.3CVSS7.1AI score0.00162EPSS

Exploits0

EUVD•added 2025/10/26 6:30 a.m.•7 views

EUVD-2025-35939

A SQL injection vulnerability exists in the langchain-ai/langchain repository, specifically in the LangGraph's SQLite store implementation. The affected version is langgraph-checkpoint-sqlite 2.0.10. The vulnerability arises from improper handling of filter operators $eq, $ne, $gt, $lt, $gte, $lt...

7.3CVSS7.4AI score0.00162EPSS

Exploits0References2