Description

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB (both sync and async, via aiosqlite). Versions 3.0.0 and below are vulnerable to SQL injection through the checkpoint implementation. Checkpoint allows attackers to manipulate SQL queries through metadata filter keys, affecting applications that accept untrusted metadata filter keys (not just filter values) in checkpoint search operations. The _metadata_predicate() function constructs SQL queries by interpolating filter keys directly into f-strings without validation. This issue is fixed in version 3.0.1.

INFO

Published Date :

2025-12-10T23:37:36.182Z

Last Modified :

2025-12-11T15:35:59.816Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-67644 vulnerability.

Vendors Products
Langchain
  • Langchain
Langchain-ai
  • Langchain
  • Langchain-ai/langchain
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-67644.

URL Resource
https://github.com/langchain-ai/langgraph/commit/297242913f8ad2143ee3e2f72e67db0911d48e2a cve-icon cve-icon
https://github.com/langchain-ai/langgraph/security/advisories/GHSA-9rwj-6rc7-p77c cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact