Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-8709
Summary
A SQL injection vulnerability exists in the 'langchain-ai/langchain' repository, specifically in LangGraph's SQLite store implementation. The affected versions are langgraph-checkpoint-sqlite through 2.0.10. The vulnerability arises from improper handling of the filter operators ($eq, $ne, $gt, $lt, $gte, $lte): the query is built by direct string concatenation without proper parameterization. This allows attackers to inject arbitrary SQL, leading to unauthorized access to all documents, exfiltration of sensitive fields such as passwords and API keys, and a complete bypass of application-level security filters.
- LOW
- LOCAL
- LOW
- CHANGED
- NONE
- LOW
- HIGH
- NONE
CWE-89 - SQL Injection
Structured Query Language (SQL) injection is one of the most common types of vulnerability. These attacks exploit weaknesses in vulnerable applications to gain unauthorized access to backend databases. This often occurs when an attacker enters unexpected SQL syntax in an input field. The resulting SQL statement then behaves in an unintended manner, which can allow unauthorized data retrieval, data modification, execution of database administration operations, and execution of commands on the operating system.
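The concatenation flaw described in the summary, shown next to a parameterized form. This is an added example, not code from langgraph-checkpoint-sqlite: the `store` table, its columns, and the functions `build_filter_unsafe`, `build_filter_safe`, `search` and `demo_store` are hypothetical, and the rows are constructed sample data.

```python
import sqlite3

# Filter operators named in the advisory, mapped to SQL comparisons.
OPS = {"$eq": "=", "$ne": "!=", "$gt": ">", "$lt": "<", "$gte": ">=", "$lte": "<="}
COLUMNS = {"key", "owner", "size"}  # hypothetical schema, used as an allowlist


def build_filter_unsafe(field, op, value):
    """Vulnerable pattern: the filter value becomes part of the SQL text."""
    return f"{field} {OPS[op]} '{value}'", []


def build_filter_safe(field, op, value):
    """Hardened pattern: allowlisted column and operator, value bound as a parameter."""
    if field not in COLUMNS:
        raise ValueError(f"unknown field: {field!r}")
    if op not in OPS:
        raise ValueError(f"unsupported operator: {op!r}")
    return f"{field} {OPS[op]} ?", [value]


def search(conn, builder, field, op, value):
    """Return the keys of the rows that match a single filter condition."""
    clause, params = builder(field, op, value)
    sql = f"SELECT key FROM store WHERE {clause} ORDER BY key"
    return [row[0] for row in conn.execute(sql, params)]


def demo_store():
    """In-memory table holding constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE store (key TEXT PRIMARY KEY, owner TEXT, size INTEGER)")
    conn.executemany(
        "INSERT INTO store VALUES (?, ?, ?)",
        [("doc-a", "alice", 10), ("doc-b", "bob", 20), ("doc-c", "carol", 30)],
    )
    return conn


if __name__ == "__main__":
    conn = demo_store()
    crafted = "nobody' OR '1'='1"  # constructed value that closes the quoted literal
    for builder in (build_filter_unsafe, build_filter_safe):
        print(builder.__name__, search(conn, builder, "owner", "$eq", crafted))
```

With the bound parameter the crafted value is compared as data, so the filter matches no row instead of every row.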