LangGraph Security Flaws Expose AI Agents to Remote Code Execution Risks
Cybersecurity researchers have identified and disclosed three critical security vulnerabilities in LangGraph, an open-source framework used for building complex AI applications. These vulnerabilities, now patched, include a SQL injection flaw, an unsafe deserialization vulnerability, and a RediSearch query injection. The SQL injection vulnerability, identified as CVE-2025-67644, allows attackers to manipulate SQL queries through metadata filter keys, potentially leading to remote code execution. The deserialization vulnerability, CVE-2026-28277, could enable attackers to execute arbitrary code by modifying checkpoint data. Lastly, the RediSearch query injection, CVE-2026-27022, can bypass access controls. These vulnerabilities are particularly concerning for self-hosted deployments using SQLite or Redis checkpointers, as they could be exploited to gain unauthorized access and control over AI agents. 
