CNNVD-202510-3447 Information
Oct 26, 2025
cve
CNNVD ID
CNNVD-202510-3447
Related CVE
- CNNVD Published: 2025-10-26
Description (Chinese)
langchainlanggraph-checkpoint-sqlite是LangChain开源的一个数据库连接Python库。 langchainlanggraph-checkpoint-sqlite 2.0.10版本存在SQL注入漏洞,该漏洞源于对filter运算符处理不当,可能导致SQL注入攻击。
Description (English)
Langchainlangragrap-checkpoint-sqlite is a database connected to the Python Library, an open source in Langchain. langchainlangraph-checkpoint-sqlite version 2.0.10 contains an injection loophole in SQL, which stems from the mishandling of the filter operator and could lead to an attack on SQL.
Hazard Level
Medium
Vulnerability Type
SQL注入
Affected Vendor
LangChain
Published
2025-10-26
Last Modified
2026-02-24
References
https://huntr.com/bounties/9793f4b3-76f8-44a4-989f-49a2177ee118
Patch
https://github.com/langchain-ai/langchain/releases
Share on: