CVE-2026-28277 – LangGraph / LangGraphJS
“AI workflow platforms become high-value targets when trust boundaries around data and queries break down.”
LangChain patched multiple vulnerabilities affecting LangGraph and LangGraphJS checkpoint implementations. CVE-2025-67644 has a CVSS score of 7.3, which is High severity. CVE-2026-28277 has a CVSS score of 6.8, which is Medium severity. CVE-2026-27022 has a CVSS score of 6.5, which is Medium severity.
The vulnerabilities include SQL injection in LangGraph SQLite Checkpoint, unsafe deserialization of checkpoint data, and query injection in the Redis checkpoint implementation. Successful exploitation could allow manipulation of database queries, bypass of intended access controls, or execution of malicious payloads when crafted checkpoint data is loaded. CVE-2025-67644 is fixed in version 3.0.1, and CVE-2026-27022 is fixed in version 1.0.2. No public patch is available for CVE-2026-28277.
Proof-of-concept code has been reported for CVE-2026-27022. No verified active exploitation has been confirmed for the other vulnerabilities.
Key Details
- Affected Product
- Langchain Langgraph
- Attack Vector
- Adjacent
- Attack Complexity
- Low
- Privileges Required
- High
- User Interaction
- None
- CWE Classification
- CWE-502