[NEWSLETTER]score: 1.27

LangGraph Checkpointers Have Chained SQLi and RCE Vulnerabilities Affecting 50M Monthly Downloads

June 15, 2026

Check Point Research found three chained CVEs in LangGraph's persistence layer: SQL injection in both SQLite and Redis checkpointers triggered via crafted filter parameters, combined with unsafe msgpack deserialization that escalates to remote code execution. Any application exposing LangGraph checkpointer filter inputs to untrusted data is at risk.

HOW THIS AFFECTS YOU

●

builderYou need to audit any LangGraph deployment using SQLite or Redis checkpointers immediately — crafted filter parameters can chain to full RCE, and the 50M monthly download footprint means this is widely deployed in production.

●

founderIf your product ships LangGraph-based agents to customers, this is a critical supply chain risk requiring immediate patching and customer disclosure before public exploit code circulates.

read original ↗research.checkpoint.com

← back to feed