VYPR

PyPI package

langgraph-checkpoint-sqlite

pkg:pypi/langgraph-checkpoint-sqlite

Vulnerabilities (3)

  • CVE-2025-67644Dec 10, 2025
    affected < 3.0.1fixed 3.0.1

    LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB (both sync and async, via aiosqlite). Versions 3.0.0 and below are vulnerable to SQL injection through the checkpoint implementation. Checkpoint allows attackers to manipulate SQL qu

  • CVE-2025-64104HigOct 29, 2025
    affected < 2.0.11fixed 2.0.11

    LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB (both sync and async, via aiosqlite). Prior to 2.0.11, LangGraph's SQLite store implementation contains SQL injection vulnerabilities using direct string concatenation without proper

  • CVE-2025-8709HigOct 26, 2025
    affected < 2.0.11fixed 2.0.11

    A SQL injection vulnerability exists in the langchain-ai/langchain repository, specifically in the LangGraph's SQLite store implementation. The affected version is langgraph-checkpoint-sqlite 2.0.10. The vulnerability arises from improper handling of filter operators ($eq, $ne, $