1  info:
 2    name: langchain
 3    cve: CVE-2025-64104
 4    summary: LangGraph's SQLite store is vulnerable to SQL injection due to improper key parameterization.
 5    details: |
 6      LangGraph's SQLite store implementation contains SQL injection vulnerabilities. The issue arises from direct string concatenation of the JSON path key into the SQL query without proper sanitation, allowing attackers to inject arbitrary SQL and bypass access controls. This affects developers or projects that directly use the `checkpoint-sqlite` store and build the `filter` argument using keys derived from untrusted or user-supplied input.
 7    cvss: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
 8    severity: HIGH
 9    security_advise: |
10      1. Upgrade the `langgraph-checkpoint-sqlite` package to version `2.0.11` or later.
11      2. Ensure that filter keys passed to `SqliteStore` are static, validated, or allowlisted if user-supplied input is used.
12      3. Avoid using untrusted or user-supplied input directly as filter keys without proper sanitization.
13  rule: version > "0" && version < "2.0.11"
14  references:
15    - https://github.com/langchain-ai/langgraph/security/advisories/GHSA-7p73-8jqx-23r8
16    - https://nvd.nist.gov/vuln/detail/CVE-2025-64104
17    - https://github.com/langchain-ai/langgraph/commit/bc9d45b476101e441cb1cc602dea03eb29232de4
18    - https://github.com/langchain-ai/langgraph