Lucene search

7 matches found

OSV
added 2026/03/05 8:19 p.m., 2 views

GHSA-G48C-2WQR-H844 LangGraph checkpoint loading has unsafe msgpack deserialization

LangGraph checkpointers can load msgpack-encoded checkpoints that reconstruct Python objects during deserialization. If an attacker can modify checkpoint data in the backing store (for example, after a database compromise or other privileged write access to the persistence layer), they can...

CVSS 6.8, AI score 6.4, EPSS 0.05219
Exploits: 0, References: 4

Github Security Blog
added 2026/03/05 8:19 p.m., 13 views

LangGraph checkpoint loading has unsafe msgpack deserialization

LangGraph checkpointers can load msgpack-encoded checkpoints that reconstruct Python objects during deserialization. If an attacker can modify checkpoint data in the backing store (for example, after a database compromise or other privileged write access to the persistence layer), they can...

CVSS 7.2, AI score 6.3, EPSS 0.05219
Exploits: 0, References: 4, Affected Software: 1

Cvelist
added 2026/03/05 7:10 p.m., 30 views

CVE-2026-28277 LangGraph: Unsafe msgpack deserialization in LangGraph checkpoint loading

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. In version 1.0.9 and prior, LangGraph checkpointers can load msgpack-encoded checkpoints that reconstruct Python objects during deserialization. If an attacker can...

CVSS 6.8, EPSS 0.05219
Exploits: 0, References: 1

CVE
added 2026/03/05 7:10 p.m., 19 views

CVE-2026-28277

CVE-2026-28277 affects LangGraph checkpoint loading using an SQLite-backed checkpoint store. In versions ≤1.0.9, msgpack-encoded checkpoints may deserialize into Python objects, enabling an attacker with write access to the checkpoint store to craft payloads that trigger unsafe reconstruction whe...

CVSS 7.2, AI score 5.9, EPSS 0.05219
Exploits: 0, References: 1, Affected Software: 1

SUSE CVE
added 2026/03/04 12:26 a.m., 1 views

SUSE CVE-2026-25899

Fiber is an Express-inspired web framework written in Go. In versions on the v3 branch prior to 3.1.0, the use of the fiberflash cookie can force an unbounded allocation on any server. A crafted 10-character cookie value triggers an attempt to allocate up to 85GB of memory via unvalidated msgpack...

CVSS 7.5, AI score 5.8, EPSS 0.00396
Exploits: 1, References: 3

OSV
added 2026/02/24 8:57 p.m., 5 views

GHSA-2MR3-M5Q5-WGP6 Fiber is Vulnerable to Denial of Service via Flash Cookie Unbounded Allocation

Summary: The use of the fiberflash cookie can force an unbounded allocation on any server. A crafted 10-character cookie value triggers an attempt to allocate up to 85GB of memory via unvalidated msgpack deserialization. No authentication is required. Every GoFiber v3 endpoint is affected regardle...

CVSS 7.5, AI score 5.9, EPSS 0.00396
Exploits: 1, References: 5

CNNVD
added 2026/02/24 12:0 a.m., 5 views

Fiber security vulnerability

Fiber is an open-source web framework written in the Go language. Versions of Fiber prior to 3.1.0 have a security vulnerability. This vulnerability stems from the fiberflash cookie, which can trigger excessive memory allocation through unvalidated msgpack deserialization, potentially leading to...

CVSS 7.5, AI score 5.8, EPSS 0.00396
Exploits: 1, References: 2