logo

From SQLi to RCE – Exploiting LangGraph’s Checkpointer

ID: 43e304e9-898e-5971-aa73-6b604601ab4e

STIX ID: report--43e304e9-898e-5971-aa73-6b604601ab4e

Feed Name: Check Point Research

Threat Score
70/100

Date Published: 2026-06-11

Date Updated: 2026-06-11

Author: stcpresearch

...
...

**Executive Summary:** Check Point Research discovered three vulnerabilities in the LangGraph persistence layer — an SQLite SQL injection (CVE-2025-67644), an unsafe msgpack deserialization leading to arbitrary code execution when combined with injected checkpoints (CVE-2026-28277), and a similar injection issue in the Redis checkpointer (CVE-2026-27022). LangChain has released patches for the affected packages and recommends updating to patched versions; the chain requires a self-hosted checkpointer and an exposed get_state_history() accepting user-controlled filters.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.