From SQLi to RCE – Exploiting LangGraph’s Checkpointer
ID: 43e304e9-898e-5971-aa73-6b604601ab4e
STIX ID: report--43e304e9-898e-5971-aa73-6b604601ab4e
Feed Name: Check Point Research
**Executive Summary:** Check Point Research discovered three vulnerabilities in the LangGraph persistence layer — an SQLite SQL injection (CVE-2025-67644), an unsafe msgpack deserialization leading to arbitrary code execution when combined with injected checkpoints (CVE-2026-28277), and a similar injection issue in the Redis checkpointer (CVE-2026-27022). LangChain has released patches for the affected packages and recommends updating to patched versions; the chain requires a self-hosted checkpointer and an exposed get_state_history() accepting user-controlled filters.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
