All 4 CVE vulnerabilities found in langgraph, with AI-generated Chinese analysis, references, and POCs.
Vendor: langchain-ai
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-28277 | LangGraph: Unsafe msgpack deserialization in LangGraph checkpoint loading CWE-502 | 6.8 | Medium | 2026-03-05 |
| CVE-2025-67644 | LangGraph SQLite Checkpoint is vulnerable to SQL Injection via metadata filter key in checkpointer list method CWE-89 | 7.3 | High | 2025-12-10 |
| CVE-2025-64439 | LangGraph Checkpoint affected by RCE in "json" mode of JsonPlusSerializer CWE-502 | 8.8 | - | 2025-11-07 |
| CVE-2025-64104 | LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore CWE-89 | 7.3 | High | 2025-10-29 |
All 4 known CVE vulnerabilities affecting langgraph with full Chinese analysis, references, and POCs where available.