Code Execution Vulnerability in LangGraph SQLite Checkpoint by LangChain AI
CVE-2026-48775

6.8MEDIUM

Key Information:

Vendor: Langchain-ai
Status: Langgraph; Langraph-checkpoint
Vendor: CVE Published:; 16 June 2026

🔔 Create Langchain-ai Vulnerability Alert

What is CVE-2026-48775?

A vulnerability exists in LangGraph SQLite Checkpoint, an implementation of LangGraph CheckpointSaver that employs SQLite DB. In versions 4.1.0 and earlier, the JsonPlusSerializer poses a risk as it can reconstruct Python objects from JSON checkpoint payloads. This vulnerability arises when checkpoint bytes in the backing store can be modified by unauthorized individuals, potentially leading to unexpected object reconstruction and subsequent code execution during checkpoint loading. This issue underscores the importance of securing access to the checkpoint-store, as a breach could escalate to code execution within the application runtime. The vulnerability has been remediated in version 4.1.1.

Affected Version(s)

langgraph < 1.2.2

langraph-checkpoint < 4.1.1

References

https://github.com/langchain-ai/langgraph/security/adviso...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 16, 2026
Vulnerability Reserved
May 22, 2026

CVE-2026-48775 Data

JSON