EUVD-2026-9860

LangGraph checkpoint loading has unsafe msgpack deserialization...

CVE-2026-28277 LangGraph: Unsafe msgpack deserialization in LangGraph checkpoint loading

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. In version 1.0.9 and prior, LangGraph checkpointers can load msgpack-encoded checkpoints that reconstruct Python objects during deserialization. If an attacker can...

PT-2026-23498

Name of the Vulnerable Software and Affected Versions LangGraph versions 1.0.9 and earlier Description LangGraph checkpointers can load msgpack-encoded checkpoints that reconstruct Python objects during deserialization. If an attacker gains privileged write access to the checkpoint data store e.g...

langgraph 代码问题漏洞

Langgraph is a large-scale model framework developed by LangChain. Versions of Langgraph 1.0.9 and earlier contained code vulnerabilities. These vulnerabilities stemmed from the possibility of re-creating Python objects during deserialization, which could lead to insecure object reconstruction...

Secunia Research: Autonomy Keyview Ichitaro Object Reconstruction Logic Vulnerability

====================================================================== Secunia Research 07/10/2011 - Autonomy Keyview - - Ichitaro Object Reconstruction Logic Vulnerability - ====================================================================== Table of Contents Affected...