The Hacker News ·EN News source Patch releasedLangGraphlanggraph-checkpoint-sqlite@langchain/langgraph-checkpoint-redis
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
CVE Tools coverage
Security researchers disclosed and LangGraph maintainers have patched three issues in LangGraph that can be chained into remote code execution for self-hosted deployments using the SQLite or Redis checkpointer. The affected vulnerabilities are CVE-2025-67644, CVE-2026-28277, and CVE-2026-27022, which respectively involve SQL injection in SQLite checkpoints, unsafe msgpack deserialization, and a RediSearch query injection in @langchain/langgraph-checkpoint-redis. This matters because the chain can allow attackers to turn tampered checkpoint data into server-side code execution, potentially exposing runtime secrets or other connected systems.