GHSA-9rwj-6rc7-p77c: LangGraph's SQLite is vulnerable to SQL injection via metadata filter key in SQLite checkpointer list method

December 10, 2025

Attackers who control metadata filter keys can execute arbitrary sql queries against the database.

References

github.com/advisories/GHSA-9rwj-6rc7-p77c
github.com/langchain-ai/langgraph
github.com/langchain-ai/langgraph/commit/297242913f8ad2143ee3e2f72e67db0911d48e2a
github.com/langchain-ai/langgraph/security/advisories/GHSA-9rwj-6rc7-p77c

Code Behaviors & Features

Detect and mitigate GHSA-9rwj-6rc7-p77c with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →